Bio

Paul Wayper has been programming for over two decades. In that time he has seen many things fail - fortunately most of it hasn't been his code. Security in programming must follow a 'defence in depth' approach, and SELinux fits into that process perfectly.

Paul is the organiser of the Canberra Linux Users Group, and a variety of small projects most of his own devising. He has spoken at OSDC 2008, LCA 2009, and at SLUG and CLUG meetings.

SELinux for Programmers

SELinux has been a feature of modern Linux distributions for the last five years. The original "targeted" policy covered common daemons such as SaMBa and Apache; over the years this has extended out to cover over 140 programs, daemons and common utilities. SELinux's flexibility combined with its deep links into the kernel provide an excellent way for any program to integrate into the Linux security model.

Unfortunately, many myths still surround the process of generating the policy files that SELinux uses to control applications. Paul's talk intends to dispel some of those myths: for example, writing policy files does not require arcane rituals or any sacrifices, does not need to be performed only by initiated masters of any secret society, and does not need to be a binding and irrevocable contract with any infernal being. In fact, ordinary programmers can write SELinux policy files easily and simply! This talk will attempt to show you how.