My New Favorite Toy
Okay, I have a new favorite toy. It's called Engarde Secure Linux . This secured Linux distribution goes beyond the normal SELinux capabilities with a restricted root and true Mandatory Access Controls (remember your CISSP training?) Why do I care? A few years ago I was tasked with building a secure file transfer system that was built on existing tools which a "partner" company could acquire and tie into, and it had to be easily automated. Based on the requirements (and taking a guess at what regulatory requirements were going to pass legislation) I built a system running on a Solaris box that SCPed data to- and from- partner companies. This data was PGP encrypted (if we were sending it) to the customer's PGP key, or it was received from the partner and automatically decrypted via PGP command line. This posed a few problems. The enterprise version of PGP command line (from Network Associates at that time) required that the passphrase be read from a text file, sto...