Re: The NSA's Security-Enhanced Linux

["M.Schubert" <schubert () fsck org>]

> I have a couple of spare PCs sitting 'round.  How 'bout I put up a
> copy of this on nsa.spy.org and give people free run of the system?
> *grin*

Actually a wargame-like box (set up behind a firewall/router to block
naughty children from doing bad things of course) running selinux would
be a neat way to test the security of the system. Already there has
been one buffer overflow problem posted on bug-traq (yesterday). Of
course whoever admined the box would probably have to be active in
keeping up with the latest developments of it since alot of changes are
probably going to occur over the next few months.

> pps: I have an 8 processor sparc I've been meaning to open up with
> Pitbull.  These could be nice playgrounds.

I've got a personal license for x86 (*shrug* don't have the extra cash
to burn on a low-end sparc) but finding a copy of solaris 7 x86 from
11/98 to 5/99 (can't remember the exact dates offhand) is a pain (you'd
_think_ ebay would have one...). Pitbull would be another fun box for a
wargame (a verbose HOWTO Pitbull configuration doc would be something
on the todo list..)

--
-- M. Schubert          - mschuber () uci edu
-- Security Specialist - michaels () lightspeedsystems com
-- Sys Admin            - schubert () fsck org