For the record I was right once again.

I recently had another interesting conversation with Josh. We always start out having drinks, then one of use (most likely Josh) makes some broad sweeping comments and we spend the next several hours debating the statement. Usually I win. Chris PeBenito (sorry Chris… how’s that for peer pressure to blog?) was there for the beginning but I think he has grown tired of hearing us argue ourselves in circles because, in all seriousness, we are usually both right but we won’t admit it until several more drinks have been served. We finally arrived at an agreement that will be discussed below.
Read the complete article »

Usually I shy away from political statements here… but way back when I mentioned a bill to permit drilling squeezing through the senate. Nice to see this get defeated. Someone has been stepping up to the plate lately to defend out civil liberties as well. Thanks to all those who stood up for what is best for society on these points!

I was finally able to get NetworkManager working in KDE. I had to emerge hal, dbus, and friends, re-emerge pam w/ the pam_console use flag, and use the Gentopia overlay for the NetworkManager ebuilds. Once I had the application up and running I had to use gtk-update-icon-cache command before the applet would start. Once that worked I had to start and stop gnome-keyring-daemon and set the environment variables in my kde env and shutdown directories:
Read the complete article »

Well it seems to be a popular topic lately. First of all lets clarify my statement on subject tranquility I made previously. As stated before, the problem with the lack of tranquility comes from policy not reflecting what is being enforced (due to revocation) and the introduction of time into analysis and design. Note that int SELinux, revocation issues can also result from policy reloads, not just relabeling of subjects/objects directly.

What about dynamic transitions?
Dynamic transitions are an evil hack to add support for legacy applications that are even bigger hacks! Read the complete article »

I was at a meeting the other day and was asked to explain why object tranquility must be maintained. I knew why but had a difficult time explaining it. After returning to Tresys and discussing the issue with Josh we arrived at a fairly concise answer:

Relabeling subjects and objects means that the security policy that is installed does not necessarily reflect what is being enforced on the system. For example, suppose policy permits ProcessA to read a file. This read permission is checked when ProcessA tries to mmap the file. The file is subsequently relabeled. ProcessA does not have acccess to this new label. However, the mmaping is still valid and fully accessible until a munmap() call on the address range. Even if ProcessA closes the file handle it still has unchecked access to the file via the address range. This example is very useful since permissions granted during the mmap process are irrevocable. While it might be possible to insert additional permission checks in the memory subsystem to facilitate revocation this would have a serious impact on the overall system performance and would probably not be very portable. A discussion about revocation will have to wait until later…
Read the complete article »

JTFC! I mean seriously… could the music industry get any more greedy? The iPod has done for portable/downloadable music what the VCR did for movies. Now they want to jack up the prices of “some” songs. Variable music pricing is not like interest rates folks. Variable rates will not benefit the economy or consumers. It will only lead to more profits for the already overpaid music producers. I’d like to send a big FUCK YOU out to Warner Music Group CEO Edgar Bronfman Jr. Thanks for trying to ruin a good thing asshole. I personally would rather turn back to piracy than see you guys make money off iPod sales.

As if the headline didn’t give it away… some big news. Catherine signed a contract yesterday on a great new house. Check it out by clicking the “Real Life” link to the left, then scenery, or by clicking here.

Stefan has once again decided to spend his vacation here with us. We have planned a tenative schedule and those “in the know” will be receiving a copy by email tomorrow. Nothing big, so hopefully he will have plenty of time to kick his feet up and relax. Wednesday wing night is still going strong and the tenative schedule reflects this.

Looks like wing nights are back in full swing. We are averaging about 9-11 people every out at Ellicott Mills Wednesday nights. Thanks to those who kept the faith when I had too much schooling and welcome to the “new” people.

I’ve made some changes in the gallery. As of today the only gallery you can browse without registering is the “Inanimate Objects & Scenery”. Please register to see the other galleries. This is mainly to keep search engines stuff away from the photos that are mysteriously becoming more and more incriminating. Register and have fun!

As a side note for those technically inclined readers… linking to the images still works. As long as you have the URL you’re good. I haven’t gone through the trouble of fixing this on individual albums and I probably won’t unless external linking becomes a problem or concern.

Please register with the photo gallery and start posting some comments about the photos for all of us to enjoy. I setup registration to require my authorization to keep out spammers but I promise I’ll try to check the queue often.

I got a new motherboard yesterday… old one finally died. Slackware 10.1 is installing on the rig now. I’ve been playing with the idea of creating some SELinux packages for Slackware 10.1. The existing packages are out of date and buggy. I’ll post updates here.

As a side note… I usually avoid political issues here. I always figured since I don’t give two shits about someone else’s political views they wouldn’t care about mine. The Republicans managed to squeeze a bill through the Senate that paves the way for drilling for oil in Alaska. I’ve seen our government do some stupid shit, but this takes the cake. They must really think that drilling there will make a difference in their constituents pockets. Short-sighted idiots. It will only act to appease the oil companies that will profit off the drilling. You want to reduce the price of gas, start taxing the hell out of anything that gets less then 30MPG highway (big-ass SUV drivers this is directed at you). Detroit will scramble to make more efficient cars and the oil prices will drop while benefiting the environment. But I digress… they are politicians, we must be asking too much. Read more….