Date: Apr 04/26/12 9:38 AM Subject: [BBLISA-announce] April recap and May talk From: "John P. Rouillard" Thanks to the 25 people who attended the April BBLISA talk by Dan Walsh on "A fresh look at SELinux and what it is complaining about." The talk started out with a brief review of security models and how SELinux fits into the landscape. This was followed by a brief history of SELinux and its usability improvements. One takeaway: an application exploit on a system without SELinux means the entire system must be rebuilt. When using SELinux, the system is protected and only the files that the application is allowed access to need to be audited/repaired. A local root compromise doesn't provide any additional access with SELinux. The implications of this for cloud and virtual machines: one compromised VM on a system not running SELinux means all the VM's can be compromised. Common problems with moving/symbolic linking files and how to relabel (SELinux is based on labels) were discussed and the commands to relabel/preserve labels and modify the rules using sesetbool and semanage were shown. You can follow his blog at: danwalsh.livejournal.com On Wednesday, May 9, 2012 at 7PM we are happy to have Martin Leach who is the CIO of the Broad Institute talking about "What does a CIO do anyway?" The average job life of a CIO is about 2 1/2 years, it even comes with the pleasant acronym of '*C*areer *I*s *O*ver'. The Broad Institute just hired their first CIO, and will try to justify his existence at this presentation and discussion. -- -- rouilj John Rouillard =========================================================================== My employers don't acknowledge my existence much less my opinions. _______________________________________________ bblisa-announce mailing list bblisa-announce@bblisa.org http://www.bblisa.org/mailman/listinfo/bblisa-announce