The SELinux userspace libraries and programs recently released version 2.6. I
bumped them in Gentoo a couple days ago. They add a ton of new features, here
are a few of the main points:
more ...
SELinux desktop profiles came up on IRC earlier and I thought it might be a good idea to make a post about.
Currently in gentoo there are only two selinux profiles:
more ...
I finally managed to get tboot working in a way that makes sense to me. For
those unfamiliar, tboot uses Intel's Trusted eXecution Technology to invoke a
dynamic root of trust and then measure all the components you boot with (eg
kernel and initrd). What took me ages to figure out was how one can upgrade
kernels while keeping this chain working.
more ...