From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-150518-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 976461381F3
	for <garchives@archives.gentoo.org>; Mon,  9 Sep 2013 16:41:46 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id A0048E0B76;
	Mon,  9 Sep 2013 16:41:40 +0000 (UTC)
Received: from uberouter3.guranga.net (unknown [78.25.223.226])
	(using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id A0346E0B6A
	for <gentoo-user@lists.gentoo.org>; Mon,  9 Sep 2013 16:41:39 +0000 (UTC)
Received: from [192.168.151.100] (unknown [192.168.151.100])
	(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by uberouter3.guranga.net (Postfix) with ESMTPSA id 3761682337
	for <gentoo-user@lists.gentoo.org>; Mon,  9 Sep 2013 17:41:38 +0100 (BST)
Message-ID: <522DFA42.7070906@thegeezer.net>
Date: Mon, 09 Sep 2013 17:41:38 +0100
From: thegeezer <thegeezer@thegeezer.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130804 Thunderbird/17.0.8
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user]  Internet security.
References: <522D257C.5060902@gmail.com> <522D9689.6080309@thegeezer.net> <20130909142822.GA12070@bifrost.fritz.box> <522DE997.9000706@thegeezer.net> <20130909160414.GB12070@bifrost.fritz.box>
In-Reply-To: <20130909160414.GB12070@bifrost.fritz.box>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 67e803b4-6148-4e94-bf33-56b05e7d97ba
X-Archives-Hash: 84688689faba549b2361877d01472740

On 09/09/2013 05:04 PM, Hinnerk van Bruinehsen wrote:
> On Mon, Sep 09, 2013 at 04:30:31PM +0100, thegeezer wrote:
>>
>> Interesting, I didn't realise LSM provisioned hooks for SELinux -
>> thought it it was more modular (and less 'shoehorned') than that. 
>> I need to go read about that some more now
>
> You can start here:
>
> http://www.freetechbooks.com/efiles/selinuxnotebook/The_SELinux_Notebook_The_Foundations_3rd_Edition.pdf
>
> for a general overview (page 64ff has a list of the hooks).
> Other than that http://www.kroah.com/linux/talks/ols_2002_lsm_paper/lsm.pdf and
> http://www.nsa.gov/research/_files/publications/implementing_selinux.pdf may be
> of interest (though both are quite old).
>
> WKR
> Hinnerk
thanks muchly :)