21:21:56 <harish_> #startmeeting [14:15] <@harish_> speaker: Joerg Simon [14:16] <@harish_> #topic Fedora Security Lab [14:16] <@harish_> fsl developed by testers [14:17] <@harish_> fsl is a test-tool all-stars [14:17] <@harish_> #link http://spins.fedoraproject.org/security/ [14:18] <@harish_> #link https://fedorahosted.org/security-spin/readyApps [14:18] <@harish_> has a list of apps that were rejected either because they were too large or d
21:21:56 <zodbot> Meeting started Sat Jan 29 21:21:56 2011 UTC.  The chair is harish_. Information about MeetBot at http://wiki.debian.org/MeetBot.
21:21:56 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
21:22:01 <badkittydaddy> but also nist the national institute of <asks crowd> we don't use it in europe
21:22:04 <zodbot> harish_: Error: Can't start another meeting, one is in progress.
21:22:40 <badkittydaddy> and very important um it doesn't care about solution based things or compliance based things it's about real security and it's made for companies or governments that really have something to protect
21:22:50 <badkittydaddy> um it is made to have a common sense of how i made the test
21:23:15 <badkittydaddy> and yeah they put it in this chart so i was as i was in india a test pilot put out the circuit breaker for the pilot without the pilot knowing about it
21:23:39 <badkittydaddy> the test pilot knew all about the attack but the pilot did not know about the attack so i do not recommend you do this <laughter>
21:23:53 <badkittydaddy> uh yeah it defines what you test where you test which channel you test
21:24:06 <badkittydaddy> not only about data communication or network security it's also abt physical property that you test
21:24:10 <badkittydaddy> it's about things that you can see
21:24:16 <badkittydaddy> it also regulates in which periods you test
21:24:23 <badkittydaddy> and this is something this could be a possible solution for a menu
21:24:30 <badkittydaddy> where you could put all the tools in the different cases
21:24:42 <badkittydaddy> this could be one solution the other solution could be it's not really a work flow here
21:24:55 <badkittydaddy> you can select the module that you need, the 17 modules and it's color coded so you know where you're started
21:25:07 <badkittydaddy> um yeah i want to know what time um
21:25:22 <badkittydaddy> there is often ppl tell me there is no 100% security
21:25:33 <badkittydaddy> who has googled security, what does security mean to you?
21:25:40 <badkittydaddy> <crowd response>
21:25:49 <badkittydaddy> risk management, protecting from risk protecting from danger
21:26:04 <badkittydaddy> in germany we have risk protection goals, integrity, <asks for translation>
21:26:08 <badkittydaddy> sorry
21:26:19 <badkittydaddy> i will look, sorry
21:26:23 <badkittydaddy> i have it, i have it
21:26:27 <badkittydaddy> yeah yeah yeah,
21:26:33 <badkittydaddy> availability yeah
21:27:28 <badkittydaddy> the easy promis of defining security in a more complex way they count the check surveys the checks that you put in to control risks or threats that you have and the limitations for the controls and limitations of the functions that you expose to the world
21:27:33 <badkittydaddy> they have a metric that is also available for free
21:27:41 <badkittydaddy> and normally i would talk about the metric now but i skipped the slide
21:28:03 <badkittydaddy> and right now we have 3 version goals the request to disable automount which makes sense if you
21:28:13 <badkittydaddy> um yeah if you want make filesystem rules
21:28:19 <badkittydaddy> not that the system just mount your device
21:28:25 <badkittydaddy> then often ppl ask how to join project
21:28:38 <badkittydaddy> if you want to contrib to fedora security lab talk to us and just if you are a packager, just package it for us
21:28:55 <badkittydaddy> but if you want to work on structure for fedora security lab just speak to me and we will find a ...task for you
21:29:15 <badkittydaddy> yeah and the next goal maybe we can do it here at fudcon maybe make a yum install security lab
21:29:21 <badkittydaddy> and i told you our team is not limited to some persons
21:29:34 <badkittydaddy> release engineering is also part of the security lab because without them there would not be a release
21:29:37 <badkittydaddy> so i cannot limit it to people
21:29:39 <badkittydaddy> yeah that's it
21:29:44 <badkittydaddy> i'm on time, <laugh>
21:29:49 <badkittydaddy> thank you
21:30:14 <badkittydaddy> [ transcriber's note: my keyboard is totally not comfy for transcribing :) ]
21:30:36 <badkittydaddy> new speaker
21:30:51 <Cerlyn> badkittydaddy: Want me to take over?
21:30:56 <badkittydaddy> if you could, sure
21:31:27 <Cerlyn> Why should you protect your linux system?  simply put, it's your computer, to be used as you see fit
21:31:43 <Cerlyn> you have to win every day, but the cracker only has to win once
21:31:57 <Cerlyn> The approach to take must be multi-faceted with different approaches which may or may not overlap
21:32:12 <Cerlyn> some ways are automatic settings on your computer, some are habits you should adopt
21:32:24 <Cerlyn> A system under attack :  SSH log of the same
21:32:40 <Cerlyn> (ssh log of brute force login attack shown onscreen)
21:33:09 <Cerlyn> Use a router - NAT service will block unexpected packets (script scanning, crackers, login requests, etc.)
21:33:36 <Cerlyn> Question: How much attack reduction occurs by moving the SSH port?
21:33:59 <Cerlyn> In general security through obscurity; may work but also may be discovered
21:34:21 <Cerlyn> another audience member suggests the denyhosts tool to block an IP for a time duration after multiple failed logins
21:34:49 <Cerlyn> (Back to presenter) everyone should have their own account on each computer
21:35:01 <Cerlyn> shows how to use the User Manager in Fedora to add a new account
21:35:21 <Cerlyn> Manager Passwords - at least 8 characters, capital letters, small, digits, special characters, etc.
21:35:46 <Cerlyn> password should be easy to remember but hard to guess
21:36:02 <Cerlyn> root password should be different than users
21:36:20 <Cerlyn> (Question) Some distros set root password random, don't let users set -- presenter not certain which is better
21:36:52 <Cerlyn> (Another audience person) From a multi-user perspective multiple logins via sudo would be better
21:37:15 <Cerlyn> Password expiration a good idea; screen shown on how to do that
21:37:24 <Cerlyn> 90 days or so suggested
21:38:15 <Cerlyn> -- Control remote access to your desktop, disable VNC if not used, a system with no desktop users will not allow VNC access
21:38:27 <Cerlyn> in enabling VNC you may be broadcasting it is available over wifi
21:38:40 <Cerlyn> -- Screensaver should have password in order to unlock the screen
21:39:11 <Cerlyn> Remove automatic login
21:39:23 <Cerlyn> etc /etc/gdm/custom.conf
21:39:28 <Cerlyn> s/etc/edit
21:39:38 <Cerlyn> -- Perform updates regularly
21:39:51 <Cerlyn> usually can be done automatically unless you like to keep close control
21:40:12 <Cerlyn> as root set a cron job, or do "yum update" manually
21:40:28 <Cerlyn> Install software from Repositories
21:41:12 <Cerlyn> Windows you control where things go; ideally with Linux you can get away with the standard package
21:41:39 <Cerlyn> (Shows where repositories can be edited from within GNOME on Fedora)
21:41:55 <Cerlyn> Or you can edit /etc/yum.conf directory to control the repository list
21:42:12 <Cerlyn> or /etc/yum/repo.d 's file.repo
21:42:31 <Cerlyn> -- Activate your firewall and tune appropriately
21:42:49 <Cerlyn> (Shows where in System menu to reach Firewall Configuration)
21:43:08 <Cerlyn> can edit /etc/sysconfig/iptables -- but manual customization of the file is not needed
21:43:30 <Cerlyn> --- Turn off unneeded system services -- often ftp, sshd, vnc, httpd, sendmail, netconsole..
21:43:37 <Cerlyn> System/Administration/Services shown
21:44:00 <Cerlyn> Or use the "setup" command, System Services tool from the console
21:44:11 <Cerlyn> changes take effect next boot
21:44:20 <Cerlyn> Limit SSH access to only the users you allow, and exclude the root user
21:45:49 <Cerlyn> Shows how to edit SSH to do this
21:45:57 <Cerlyn> -- Install denyhosts
21:46:15 <Cerlyn> python script that analyzes sshd logs to determine which IPs have repeated login failures
21:46:33 <Cerlyn> it will modify /etc/hosts.deny
21:47:23 <Cerlyn> -- other strategies
21:47:32 <Cerlyn> Install SELinux and use it in enforcing mode
21:47:37 <Cerlyn> Use NoScript firefox plugin
21:47:51 <Cerlyn> Remove junk that accumulates over time (BleachBit)
21:47:57 <Cerlyn> Don't automount devices
21:48:04 <Cerlyn> close root terminals when you're finished
21:48:53 <mgoldmann> one small question – will be there a log available maybe?
21:49:07 <Cerlyn> -- protect your computer's physical integrity
21:49:32 <Cerlyn> they could insert a live CD or USB key or hard drive and plug it in, and do what they want
21:49:37 <Cerlyn> -- Summary
21:50:10 <Cerlyn> {mgoldmann: I believe a meeting bot is logging all fudcon room channels}
21:50:25 <mgoldmann> Cerlyn: ah, great!
21:50:59 <Cerlyn> List of bullet points from above shown
21:51:09 <Cerlyn> Presentation made with Fedora 9-14 systems except 13
21:51:22 <Cerlyn> {Applause Questions/Comments}
21:52:23 <Cerlyn> Question on why default user on many distros automatically presumed to be able to switch to root
21:52:52 <Cerlyn> root is a user when used which cannot be used to figure out who used it
21:53:08 <Cerlyn> Protecting your own password now is as important as protecting the root one
21:54:13 <Cerlyn> Someone suggests renaming the root user; others suggest this might break things
21:54:37 <Cerlyn> HTTPS everywhere and Password Maker Firefox plugins suggested
21:54:48 <Cerlyn> passwordmaker.org - has android apps, etc.
21:56:11 <Cerlyn> --- meeting ends ---
21:56:19 <Cerlyn> (Session rather)
21:59:28 * nirik finds power.
22:00:55 <brunowolff_> This session slot I'll stick to just this session and be available for questions if they have any nirik can't answer.
22:01:15 <nirik> brunowolff_: if you have things you specifically want me to ask, let me know.
22:01:28 <nirik> I think I can describe the current setup and ask what we should do moving forward.
22:03:19 <brunowolff_> Right now I don't have questions for the group. I might have some in reaction to the discussion.
22:03:48 <brunowolff_> If they start conflating the wrangler with the leader, you can clarify that. They were two people in the past.
22:03:57 <Cerlyn> #endmeeting
22:04:01 <brunowolff_> And should be again if Spins SIG is revived.
22:04:37 <nirik> yeah.
22:04:51 <DiscordianUK> i think it's all change rooms now
22:05:08 <nirik> yeah, jared is here writing on the whiteboard. we haven't started yet
22:05:10 <Nushio> Anyone gonna liveblog the spins talk?
22:05:18 <Nushio> otherwise, I'll handle it
22:05:19 <zodbot> Cerlyn: Error: Can't start another meeting, one is in progress.
22:05:33 <nirik> Nushio: that would be great. I could, but I might be talking and it's hard to talk and type.
22:05:35 <DiscordianUK> the bit is already busy
22:05:40 <DiscordianUK> bot
22:05:43 <Cerlyn> Strawman agenda
22:05:46 <Cerlyn> 1. Current Situation
22:05:47 <Nushio> nirik: relax, i'll handle it
22:05:49 <Cerlyn> 2. Are they worthwhile?
22:05:52 <Cerlyn> 3. Technical issues
22:05:58 <Cerlyn> 4. Governance issues?
22:06:03 <Cerlyn> 5. Possible solutions
22:06:06 <DiscordianUK> I do hope we get slides
22:06:15 <DiscordianUK> from all the presenters
22:06:16 <Cerlyn> No slides yet for this session
22:06:17 <Nushio> alright I think Cerlyn is going to be handling this one?
22:06:30 <Cerlyn> Nushio: Unless you want to; I typed the last one a bit
22:06:42 <Nushio> Cerlyn: go ahead
22:06:46 <Nushio> I just liveblogged the previous one
22:06:46 <Cerlyn> -- What is a spin?  Spins came out of 2 fudcons ago
22:07:04 <Cerlyn> basically a spin is a live version of fedora with its own package set based out of Fedora
22:07:14 <Cerlyn> securitylab, xfce, sugar, etc.
22:07:57 <Cerlyn> kind of the process existing now -- someone comes up with the idea, comes up with the kickstart file, etc.,
22:08:05 <Cerlyn> The Spins SIG looks at it
22:08:10 <Cerlyn> The board looks at it to see if it can be called fedora
22:08:21 <Cerlyn> if the board says yes it becomes mirrored out, etc.
22:08:42 <Cerlyn> The problem is the Spins SIG essentially was Bruno and the current speaker, but that's it
22:08:53 <Cerlyn> no one else was testing, some spins didn't work, may look a bit bad
22:09:14 <Cerlyn> (another speaker) the way the process was created caused the process to be fundamentally flawed
22:09:50 <Cerlyn> Lots of stuff to test in a short 6-month timeframe to verify it works with the fedora
22:10:02 <Cerlyn> Spins SIG not given the mandate to do any release engineering
22:10:22 <Cerlyn> --- Coordinator brings the talk back to the agenda
22:10:27 <brunowolff_> Jesse cleanup after Spins SIG several times.
22:10:38 <brunowolff_> s/cleanup/cleaned up/
22:11:19 <Cerlyn> (Lots of people jumping back and forth on topics)
22:12:04 <Cerlyn> Spins SIG technically only approving the kickstart; not anything else
22:12:21 <Cerlyn> Currently ~10 Spins
22:13:22 <Cerlyn> There are download statistics, but they are not necessarily representative
22:13:41 <brunowolff_> I think Spins SIG should have been doing more with the process and minimum quality standards. But needs more people to do that.
22:14:02 <Cerlyn> For the current situation, QA situation LFC and XFCE were tested for the current release
22:14:18 <Nushio> Alright, I'm out of power on my laptop. I'm stepping out for this session.
22:14:42 <Cerlyn> -- two different flavors of spins -- focused on desktop environment, or a common set of tools
22:14:57 <Cerlyn> the third case is the Brazilian spin due to a trademark issue
22:15:29 <Cerlyn> Does it make sense to treat them all equally?
22:15:55 <brunowolff_> broffice isn't needed for future spins.
22:16:51 <Cerlyn> The other thing to point out is that it is a live image with its own package, but we may want an alternative multi-CD/DVD install as well
22:16:53 <Cerlyn> Types
22:16:57 <Cerlyn> - Desktop
22:17:02 <Cerlyn> - Vertical set of apps
22:17:05 <Cerlyn> - Virtualized
22:17:24 <Cerlyn> To what is a spin, add that spins are also a showcase
22:17:34 <NushioDroid> Cerlyn: You're doing a great job transcribing. thanks!
22:18:40 <Cerlyn> (audience member) maybe it would be worth setting up a core package setup with a more visual experience where they can pick the package groups that they want
22:19:00 <Cerlyn> Moderator notes this has been thrown around many times before, and we are kind of there
22:19:33 <Cerlyn> As spins define now installation is not required, but has to be installable by policy
22:19:58 <Cerlyn> arguable that the security CD will often be used without installing it at all
22:20:16 <Cerlyn> --- moving on to "Are they worthwhile"
22:20:26 <Cerlyn> the Fedora board thinks that there is some level of validity to spins
22:20:44 <Cerlyn> (Audience #1) They are usable to see if something works on your hardware and has the applications that you need
22:21:21 <Cerlyn> Moderator: Why do we want spins?
22:21:46 <brunowolff_> It may be worth distinguishing between the ks files and the iso's here. For some things you really want
22:21:49 <Cerlyn> -- Sugar on a stick allows testing how users will use it without the need for an IT department's help
22:22:13 <brunowolff_> updates and don't need the iso's, but rather to be able to easily make a current one.
22:23:40 <Cerlyn> another audience member notes spins useful for QA test days
22:24:06 <Cerlyn> {Why list being created}
22:24:16 <Cerlyn> * Testing on other hardware/infro
22:24:20 <Cerlyn> * Q/A - Test days
22:24:23 <Cerlyn> * Showcase !
22:24:40 <Cerlyn> * Creative outlet
22:25:31 <brunowolff_> With persistent home you can use them on computers you don't own to run a relatively trustable OS.
22:25:54 <brunowolff_> I use them at work for some machines connected to projectors for meetings.
22:26:14 <Cerlyn> brunowolff: Are you looking for this to be relayed to the conference room, or are you here?
22:26:30 <brunowolff_> My comments have all been for relay.
22:26:37 <brunowolff_> I am not at Tempe.
22:26:39 <ke4qqq> Cerlyn: he's sadly remote
22:27:05 <brunowolff_> Well I only get to go away from home one trip a year, and it is to a board gaming tournament.
22:27:51 <Cerlyn> * Try before you buy
22:29:13 <Cerlyn> brunowolff: I'm trying to relay but the moderators trying to move things along too
22:29:42 <Cerlyn> Someone notes that they carry around many of the spins to demonstrate things
22:30:08 <Cerlyn> * Creative outlet - out of the box {modified}
22:30:15 <Cerlyn> * fastest way to install Fedora
22:31:43 <Cerlyn> devils' advocate -- a more flexible installer would allow spins to be abandoed
22:31:46 <Cerlyn> abandoned
22:32:01 <Cerlyn> some spins, but not all
22:32:19 <Cerlyn> {another person} but a group in the installer is not a showcase
22:32:57 <Cerlyn> {another} the idea has always been to form spins from package groups
22:33:42 <Cerlyn> --- 3. Technical issues?
22:34:03 <Cerlyn> * Upgrades
22:34:08 <Cerlyn> * Less flexible installer
22:34:27 <Cerlyn> * Upgrades/updates {combined}
22:34:49 <Cerlyn> * Installation code paths
22:34:50 <Cerlyn> * Testing
22:34:57 <Cerlyn> * Image size
22:35:03 <Cerlyn> * filesystem overlay
22:35:30 <brunowolff_> If we care, nVidia drivers don't work on live images.
22:36:42 <Cerlyn> brunowolff: The binary-only ones?
22:36:56 <Cerlyn> * too many options to setup your system
22:36:57 <brunowolff_> Using live images on optical media is very slow due to seek time.
22:37:30 <brunowolff_> Yes. They need to be installed on a system that has the right hardware. They don't auto detect like Fedora's drivers do.
22:37:47 <Cerlyn> * media seek times {relayed/added}
22:37:54 <brunowolff_> With nouveau improving it's less of an issue.
22:38:04 <Cerlyn> * audit trail (the perl problem)
22:38:16 <brunowolff_> I never tested catalyst, but wouldn't be surprised if they didn't work either.
22:38:32 <Cerlyn> * mirroring/disk space
22:39:07 * nirik hopes we get to the ... profit^Wsolutions part of the talk.
22:39:53 <Cerlyn> * one at a time
22:40:08 <Cerlyn> image size can be seen as a constraint as well as a storage issue
22:40:10 <brunowolff_> I think direction to go would be enough. Once we have a direction, I don't think solutions will be that hard.
22:40:22 <Cerlyn> --- 4. Governance issues?
22:40:30 <Cerlyn> * meetings
22:40:43 <Cerlyn> * brand dilution
22:41:02 <Cerlyn> * Why a Spins SIG/wrangler?
22:41:02 <brunowolff_> Relay: I felt it difficult to impose requirements on people doing spins when it was just Kevin and I to make decisions.
22:41:22 <brunowolff_> I didn't feel that was enough people to get a consensus.
22:41:37 <brunowolff_> The wrangler does initial technical review.
22:41:50 <Cerlyn> * responsibility/workload
22:41:57 <brunowolff_> And was also envisioned to liaison with Releng.
22:42:31 <brunowolff_> The wrangler could certainly ask for help doing reviews if there was anyone to ask.
22:42:47 <Cerlyn> brunowolff: Relayed
22:42:55 <Cerlyn> * lack of response/communication
22:43:03 <brunowolff_> The Spins leader was supposed to do vision things with spins.
22:43:29 <brunowolff_> Like suggesting goals for improvement, leading discussions on minimum standards.
22:44:45 <brunowolff_> Helping to define criteria for accepting or rejecting proposals for new spins related to their theme.
22:45:16 <Cerlyn> * point of contact
22:45:30 <brunowolff_> Other workers were needed to help the wrangler, document process and the like.
22:45:51 <Cerlyn> * cumbersome process
22:45:59 <Cerlyn> * too many decision makers
22:46:45 <Cerlyn> * branding/design of particular spins
22:49:48 <Cerlyn> * resources
22:49:55 <Cerlyn> --- 5. Possible solutions
22:53:12 <Cerlyn> Discussion about mirroring -- gentleman's agreement not to go over 1 Terabyte per meet
22:53:20 <Cerlyn> s/meet/release
22:53:30 <Cerlyn> not all spins mirrored, many are
22:55:41 <Cerlyn> Fedora board has authority over the trademark; with the spins sig became a bit of a rubber-stamping exercise
22:55:41 <brunowolff_> I'd like to see us really cut back on the iso's and do my ks publishing instead. People would be expected to create their
22:56:00 <brunowolff_> own images with up to date packages when they wanted.
22:56:48 <brunowolff_> I'd also like to see the ones for which we do iso's not be one man shows and have teams of people that
22:57:00 <brunowolff_> can be drawn on for testing and other tasks.
22:57:41 <Cerlyn> * require to build media with kickstart
22:57:43 <brunowolff_> Maybe cutback to Desktop, KDE and possible XFCE and LXDE.
22:57:48 <Cerlyn> * require spins to participate in SIG
22:58:11 <Cerlyn> * nightly reports
22:58:41 <brunowolff_> I think people were already required to participate in Spins SIG if they wanted an official spin.
22:59:18 <Cerlyn> * allow spin sig final approval (excluding trademark approval)
22:59:19 <brunowolff_> They just didn't, and the turn out was so bad that punishing those that didn't wasn't workable.
22:59:37 <Cerlyn> * disconnect spin release cycle from the main
23:00:11 <brunowolff_> Note Spins SIG doesn't have criteria for determining which Spins should be rejected.
23:00:17 <Cerlyn> * no one-man shows
23:00:24 <brunowolff_> (Other than on technical merits.)
23:01:12 <Cerlyn> meeting ended
23:01:27 <Cerlyn> Next topic: Using the SELinux Sandbox / Dan Walsh
23:01:44 <nirik> no real solutions found. perhaps we will find one in the hackfests.
23:03:04 <brunowolff_> I'll look to see if one is scheduled later. On Monday it will be harder (or impossible) for me to participate, depending on the time.
23:03:10 <DiscordianUK> ooh are dan's slides up yet?
23:03:28 <Cerlyn> locally yes; don't know about elsewhere
23:04:08 <DiscordianUK> I'd have made sure if I was there to see his talk and our esteemed leaders
23:04:35 <Cerlyn> he has a talk tomorrow on writing policy
23:04:52 <Cerlyn> this a repeat of his talk from last year
23:04:59 <DiscordianUK> yeah i do we get slides from both
23:05:06 <stickster> Cerlyn: Just raise a hand and ask him if he's got them available on his fedorapeople.org space
23:05:06 <DiscordianUK> I do hope
23:05:24 <stickster> DiscordianUK: http://dwalsh.fedorapeople.org/
23:05:26 <DiscordianUK> I'd imagine he would
23:05:29 <DiscordianUK> ta
23:05:37 <stickster> http://dwalsh.fedorapeople.org/SELinux/Presentations/
23:05:57 <stickster> I don't see anything later than Sept 2010 there but he might be using an existing deck
23:06:38 <Cerlyn> What is a sandbox - run general applications in a locked down environment
23:06:40 <Cerlyn> this looks like the sandbox.pdf file there
23:06:47 <DiscordianUK> likewise there's nowt new there
23:06:57 <Cerlyn> http://dwalsh.fedorapeople.org/SELinux/Presentations/sandbox.pdf
23:07:09 <Cerlyn> Run untrusted applications or filters on untrusted data
23:07:28 <Cerlyn> But in reality you trust things somewhat; otherwise you would never run Firefox in the first place
23:07:31 <Cerlyn> but it might have some bugs
23:07:40 <stickster> Beauty! thanks Cerlyn
23:08:02 <Cerlyn> Vulnerabilities - allow filtering tools to read untrusted content
23:08:26 <Cerlyn> Examples of sandboxes - chroot, chrome-sandbox, OLPC/bitfrost, Java sandbox, SELinux xguest
23:08:47 <Cerlyn> SELinux - Standard SELinux is difficult to use on random applications
23:10:44 <Cerlyn> two processes with the same type can attack each other
23:11:10 <Cerlyn> Standard SELinux Sandbox - Execution of any app within SELinux Confinement
23:11:13 <Cerlyn> Blocks "Open" call
23:11:21 <Cerlyn> Allows read/write on inherited file descriptors
23:11:25 <Cerlyn> Temporary storage allowed
23:12:37 <Cerlyn> Uses MCS (uniquely generated) Labels for separation
23:13:07 <Cerlyn> Excellent for scripting
23:13:12 <Cerlyn> Confinement of grid jobs
23:14:33 <Cerlyn> What about the desktop?
23:15:00 <Cerlyn> - how to confine Acrobat Reader(tm), Large communication paths for a variety of things (X server, home directory, gconf, Dbus...)
23:17:09 <Cerlyn> /usr/bin/sandbox
23:17:41 <Cerlyn> Setup file system, creating new directories in home and /tmp; selects a random MCS label,
23:17:47 <Cerlyn> Labels directories sandbox file sandbox_file_t:MCS1
23:18:07 <Cerlyn> Copy executable/input files to homedir & time; creates .sandboxrc in homedir with command
23:18:22 <Cerlyn> Executes new utility seunshare; uses sandboxX.sh
23:18:30 <Cerlyn> Deletes temporary $HOME & /tmp
23:19:10 <Cerlyn> -- seunshare is a C Setuid Program
23:19:31 <Cerlyn> --- Sandbox X Components
23:21:04 <Cerlyn> Xephyr -- Xace (trusted X windows) does not work
23:21:19 <Cerlyn> Xephyr gives every sandboxed app its own X server
23:22:22 <Cerlyn> Window manager used to run apps full screen
23:23:16 <Cerlyn> uses Matchbox, or you can use the -W flag to specify another such as metacity
23:23:32 <Cerlyn> This works because Gnome/GTK apps create content in the home directory on the fly
23:24:15 <Cerlyn> Firefox creates a new .mozilla directory, etc.
23:24:29 <Cerlyn> SELinux policy - sandbox types are shown on a slide
23:24:48 <Cerlyn> -- sandbox -X problems
23:25:21 <Cerlyn> Windows cannot resize (on Fedora; patched fix in RHEL6)
23:25:24 <Cerlyn> No cut & paste
23:25:31 <Cerlyn> User confusion
23:25:39 <Cerlyn> - don't want to write a document while in a sandbox which will be destroyed
23:26:36 <Cerlyn> -- Future potential items
23:26:51 <Cerlyn> MLS? {Trusted environment}
23:26:55 <Cerlyn> Save sandbox directory?
23:27:39 <Cerlyn> {A demonstration is shown}
23:29:00 <Cerlyn> Showing two xterms, one sandboxed, one not
23:29:43 <Cerlyn> sandboxed one cannot see all processes, /tmp files, etc.
23:29:57 <Cerlyn> sandboxed xterm cannot ssh to another, sudo to root, etc.
23:32:56 <Cerlyn> Shows evince (PDF reader) sandboxed
23:33:33 <Cerlyn> has rigged firefox to always download PDF files in a sandboxed evince
23:33:52 <Cerlyn> the sandbox can detect if a document has been changed which was passed into it
23:35:25 <Cerlyn> there are no obvious signs of performance degradation due to opening files in a sandbox
23:36:26 <Cerlyn> shows firefox sandboxed using one of the different types which allows web access
23:38:51 <Cerlyn> working on how to make firefox instances which can only talk to intranet or Internet sites; watch his blog for details
23:40:36 <Cerlyn> Shows the ability to use the MLS label to force a "secret" level separate desktop environment
23:40:51 <DiscordianUK> oooh MLS
23:41:04 <DiscordianUK> is that a new set of slides?
23:41:08 <Cerlyn> although due to a bug some of the gnome panels have issues while sandboxed
23:41:25 <Cerlyn> there have been no slides shown since the demonstration started
23:41:36 <Cerlyn> It looks like the PDF on the website matches the slides he showed today
23:41:37 <DiscordianUK> ahh okay
23:41:52 <DiscordianUK> thank you
23:45:28 <Cerlyn> {applause}
23:45:57 <Cerlyn> #endmeeting { Using the SELinux Sandbox / Dan Walsh }
23:46:47 <DiscordianUK> kudos to Dan
23:46:55 <DiscordianUK> and thanks to you
23:51:16 <harish_> #endmeeting