equivocation: ambiguity or uncertainty of meaning in words; misapprehension arising from the ambiguity of terms; the using of a word or phrase in more than one sense. OED

The equivocation web site is primarily a set of personal notes about software, techniques, and other topics I find interesting or useful. Why is it called "equivocation"? Because descriptions of software and computer related techniques easily succumb to equivocation. I will endeavour to avoid this (although, I don't promise to succeeded).

Recent entries

Notes on SElinux: configuration

In fedora the SElinux set-up and configuration files are in /etc/selinux. Most of these are created/modified using SElinux administration tools such as "semanage" (we will look at these tools later). In addition to the configuration files governing the overall SElinux set-up, the policy rules can also be tweaked without needing to even look at the policy rules themselves. This is done through booleans, on-off switches that modify how a particular rule or set of rules in the active policy work.

Notes on SElinux: initial concepts

Here are some of my notes on using SElinux (Security Enhanced linux) in fedora. By default in fedora (including and above core 4) SElinux is installed and a targeted policy is active. The targeted policy is where the default (non-SElinux) linux security is followed, but a few targeted programs have limits imposed on what they can do (I'll talk more about the targeted policy in later notes). There is a lot of terminology in the SElinux world, and this can make some of the quite intuitive concepts much less intuitive. SElinux can be a very useful security tool, and it is worth looking at what it can do.

Port knocking and single packet authorization

I just read a good article by Michael Rash about port knocking and SPA (single packet authorization), basically both ways of trying to solve the problem of opening ports only to authorized clients. It provides a nice overview to both approaches and highlights the advantages of SPA. Looks like Michael plans a follow-up article that may also be useful to look at.

Glimpsing the nightmare: compatibility issues

I was working on the CSE javascript with the aim of ensuring it works on IE7 (at the moment I have only bothered setting it up for Gecko), and all I have to say is YUK. At first I was surprised that all of encryption and decryption code worked and the general methods for manipulating the DOM were compatible.

Syndicate content