I’ve just given a presentation on SELinux Sandboxing at FOSS.my 2009 in Kuala Lumpur — the slides are available for download as a PDF file here.

The presentation was an overview of sandboxing as a concept; how we can enhance it with MAC security; and how it’s being implemented in Fedora 12 with SELinux. I also discussed the need for a standard security API for Linux, so that developers will be more inclined to incorporate enhanced security support in their software, and to generally increase security adoption via standardization. We’ve seen this work well thus far with sVirt, so it should be feasible

The SELinux Sandbox stuff will be familiar if you’ve seen Dan Walsh’s recent talks on the topic, although in this case, I included his cell phone number in the presentation if people have detailed questions, seeing as he’s not here in person.

It’s been yet another busy conference trip, with KS and JLS last week — I attended some of the JLS security talks and a Japanese Secure OS user group dinner. It was a very interesting and productive time.

I dented this a few days ago, but got no answer (and also dragged DaveM to see it & he couldn’t figure it out, either): does anyone know what this mystery object is?

It’s a spinning, blue and white striped cone near the ceiling of an underground Tokyo subway entrance.