Firstly, if the slug mailing list only accepts postings from members could one of the committee please forward this. Also if you want to reply then please CC me.
I've just listened to the MP3 I made of my SLUG talk. One question I couldn't answer at the time was whether the start-stop-daemon program in Debian prevents hostile programs from pushing key-presses into the buffer via /dev/tty. The answer is no, so I'll start working on this again. Also I just discovered that the Red Hat runuser program (the program who's name I couldn't recall during my talk) didn't end up getting the feature in question, the fix is now in rawhide in version 5.93-2 of coreutils. In regard to the issue of "su code being rather hairy and no-one wanting to change it", the coreutils change in question makes the "-c command" option to su be an indication that a controlling tty is not needed (in a similar manner to "ssh [EMAIL PROTECTED] comand"). This is only in rawhide at the moment, it will be interesting to see what feedback we get from this. http://www.coker.com.au/selinux/play.html The above URL has information on my "Play Machine" which has an open root password. Feel free to login and test it out, but remember that DOS attacks are not acceptable. The Debian package of coreutils has now got SE Linux support, and the kernel image packages are getting the auditing enabled. So Debian now has the full SE Linux support. All that is needed now is more policy work and support from the installer. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
