
Ottawa Linux Symposium 2005: first day (O'Reilly)

Andy Oram covers the first day of the 2005 Ottawa Linux Symposium on O'Reilly. "One advantage of the close examination that a conference like this one gives to its subject matter is that you see the unsavory underside. Marcel Holtmann zipped expertly through a comprehensive assessment of the state of Bluetooth on Linux (the BlueZ project) and how far each protocol had come. Martin J. Bligh reported the frustrations of making memory management robust on Linux. Even though millions of sites are comfortably and reliably running Linux, the basic operating system task of memory management has a way to go."

Posted Jul 22, 2005 4:06 UTC (Fri) by lj (guest, #376)

Jonathan, would you be interested in doing a thorough critique of SELinux?

Posted Jul 22, 2005 8:36 UTC (Fri) by erwbgy (subscriber, #4104)

I think it is only reasonable to become a subscriber if you are going to make such requests.
After all, it is subscription fees that pay for our editor's time.

Posted Jul 22, 2005 10:10 UTC (Fri) by nedrichards (subscriber, #23295)

Well, I'm a subscriber and would be very interested in reading whatever he thought about SELinux.

Posted Jul 22, 2005 11:14 UTC (Fri) by corbet (editor, #1)

I didn't really say anything about SELinux at OLS; Andy is referring partially to a private conversation we had. My complaint is hardly original: SELinux is a complex beast, and complexity is not often the best path to security. See this article from last November for more.

Posted Jul 22, 2005 12:30 UTC (Fri) by Junior_Samples (guest, #26737)

There is an interesting alternative to SELinux. It is named Grsecurity. It provides most of the benefits of SELinux, but in a much, much more manageable form. It is very easy to come up to speed on Grsecurity, and you quickly gain confidence in your ability to customize and modify system policy. Recommended.

Posted Jul 22, 2005 19:15 UTC (Fri) by mmarq (guest, #2332)

"The SELinux source policy is a sophisticated software system. It includes dozens of object classes, scores of defined permissions, more than 1,000 type transitions, thousands of object instances, and tens of thousands of access-vector rules."

It can only mean that the configuration language has some kind of a userspace interpreter, no?

So that simple fact, equal to single text files configurations, makes it as vulnerable to remote exploitation as anything else, because policies can be changed... worse, due to the complexity it certainly makes it inaccessible to the common cracker, but sophisticated ones upon entering a system can have both heaven and paradise together... maneuvering policies behind the capacity of common sysadmins.

IMO a good alternative is to have some kind of *hypervisor* shell, different from the root shell, totally dependent on a *token authentication* (as in some drafts of the Kerberos protocol) that could be a smart card or a USB flash disk?... it will guarantee that remote changing of a policy file will be impossible.

Posted Jul 22, 2005 21:54 UTC (Fri) by zblaxell (subscriber, #26385)

"Already, two speakers have made wisecracks about OpenOffice.org, tagging it as a bloated memory hog. I have the suspicion that some attendees see Linux as something to run for its own intrinsic value, rather than as a platform for useful applications that can actually help people accomplish something."

I think Andy missed the point: OpenOffice.org is a bloated memory hog. It's astronomically huge, by far the single most resource-intensive application that many users will ever run on their desktop. It's also one of the most likely applications to be used on a user's desktop. Several of the projects presented at OLS use OpenOffice as a test case for these reasons alone. Nobody cares if someone makes xterm and vi load 4000% faster...
