SELinux Symposium 2007

I’m in Baltimore for the 2007 SELinux Symposium. The past two days have been for tutorials, with two days now for the conference, and then a final developer summit day.

SELinux Symposium 2007

This morning’s keynote featured a talk by Richard Schaeffer, Director of Information Assurance at the NSA. Richard has been in this business for a very long time, and he provided some very interesting perspectives on computer security (I think the slides will eventually go up on the web site). We then had two sessions of solid technical talks, and are currently in the first of two WIP sessions. There’s a lot of interesting work happening now extending SELinux out past the base OS, with increasingly mature analysis and development tools, as well as continued refinements to the core technology.

Chris Vance’s SEDarwin talk was particularly interesting: apparently the next version of OSX will ship with the TrustedBSD MAC framework. This won’t initially include the SE Darwin work, but hopefully it’ll be possible to get it running without too much trouble.

There’s also good progress being made on extending SELinux to the desktop, as described in NSA talks on GConf integration and X.org integration. Xinwen Zhang of Samsung gave an interesting talk on extending SELinux to mobile platforms (such as cell phones), and related research into platform integrity.

The SELinux community is growing and looking very healthy, although I think we can still do a lot more to encourage wider participation.