click links in text for more info
SUMMARY / RELATED TOPICS

Security-Enhanced Linux

Security-Enhanced Linux is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls. SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions, its architecture strives to separate enforcement of security decisions from the security policy, streamlines the amount of software involved with security policy enforcement. The key concepts underlying SELinux can be traced to several earlier projects by the United States National Security Agency. From NSA Security-enhanced Linux Team: NSA Security-Enhanced Linux is a set of patches to the Linux kernel and utilities to provide a strong, mandatory access control architecture into the major subsystems of the kernel, it provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering, bypassing of application security mechanisms, to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications.

It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals. A Linux kernel integrating SELinux enforces mandatory access control policies that confine user programs and system services, as well as access to files and network resources. Limiting privilege to the minimum required to work reduces or eliminates the ability of these programs and daemons to cause harm if faulty or compromised; this confinement mechanism operates independently of the traditional Linux access control mechanisms. It has no concept of a "root" superuser, does not share the well-known shortcomings of the traditional Linux security mechanisms, such as a dependence on setuid/setgid binaries; the security of an "unmodified" Linux system depends on the correctness of the kernel, of all the privileged applications, of each of their configurations. A fault in any one of these areas may allow the compromise of the entire system. In contrast, the security of a "modified" system depends on the correctness of the kernel and its security-policy configuration.

While problems with the correctness or configuration of applications may allow the limited compromise of individual user programs and system daemons, they do not pose a threat to the security of other user programs and system daemons or to the security of the system as a whole. From a purist perspective, SELinux provides a hybrid of concepts and capabilities drawn from mandatory access controls, mandatory integrity controls, role-based access control, type enforcement architecture; the earliest work directed toward standardizing an approach providing mandatory and discretionary access controls within a UNIX computing environment can be attributed to the National Security Agency's Trusted UNIX Working Group, which met from 1987 to 1991 and published one Rainbow Book, produced a formal model and associated evaluation evidence prototype, unpublished. SELinux was designed to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux.

The patches that make up SELinux had to be explicitly applied to the Linux kernel source. The NSA, the original primary developer of SELinux, released the first version to the open source development community under the GNU GPL on December 22, 2000; the software was merged into the mainline Linux kernel 2.6.0-test3, released on 8 August 2003. Other significant contributors include Red Hat, Network Associates, Secure Computing Corporation, Tresys Technology, Trusted Computer Solutions. Experimental ports of the FLASK/TE implementation have been made available via the TrustedBSD Project for the FreeBSD and Darwin operating systems. Security-Enhanced Linux implements the Flux Advanced Security Kernel; such a kernel contains architectural components prototyped in the Fluke operating system. These provide general support for enforcing many kinds of mandatory access control policies, including those based on the concepts of type enforcement, role-based access control, multilevel security. FLASK, in turn, was based on DTOS, a Mach-derived Distributed Trusted Operating System, as well as on Trusted Mach, a research project from Trusted Information Systems that had an influence on the design and implementation of DTOS.

SELinux users and roles do not have to be related to the actual system roles. For every current user or process, SELinux assigns a three string context consisting of a username and domain; this system is more flexible than required: as a rule, most of the real users share the same SELinux username, all access control is managed through the third tag, the domain. The circumstances under which a process is allowed into a certain domain must be configured in the policies; the command runcon allows for the launching of a process into an explicitly specified context, but SELinux may deny the transition if it is not approved by the policy. Files, network ports, other hardware have an SELinux context, consisting of a name and type. In the case of file systems, mapping between files and the security contexts is called labeling; the labeling is defined in policy files but can be manually adjusted without changing the policies. Hardware types are quite detailed, for instance, bin_t or pos

Boghall Cricket Club Ground

Boghall Cricket Club Ground is a cricket ground in Linlithgow, Scotland. The first recorded match held on the ground came in 1969 when West Lothian played Edinburgh Academicals. Between 1995 and 1998 the ground hosted a number of touring teams in minor matches, which included matches against the Netherlands and the touring Bangladeshis; the ground held its first first-class match when Scotland played against Ireland in 1996. Two further first-class matches were played there, one in 1998 when Scotland played Australia A, another in 1999 when Scotland played South Africa Academy; the ground held its first List A match when Scotland played Yorkshire in the 1998 Benson & Hedges Cup. The following year Scotland played another List A match against the Nottinghamshire Cricket Board in the NatWest Trophy; the third and to date final List A match played at the ground came in the 2002 Cheltenham & Gloucester Trophy against Dorset. The ground is still used today by West Lothian Cricket Club. Boghall Cricket Club Ground at ESPNcricinfo Boghall Cricket Club Ground at CricketArchive

Greg Novak

Greg Novak was a wargame designer, author of dozens of games, rules supplements and scenario books, his most notable contributions including the Volley & Bayonet series and several works about the American War of Independence. Born on September 4, 1950 in Chicago, son of George and Sylvia Novak, married to Donna Oakes Gerbino on July 19, 1997, Greg Novak worked as a librarian at Edison and Jefferson middle schools for 31 years, for the Champaign Office of Education, he was active in the Champaign Teachers Federation, serving as a building steward, member of the collective bargaining unit, vice president and president. Upon his retirement he was elected to the Champaign Board of Education. After his death Champaign Unit 4 Schools named their Alternative High School facility in his honor. Greg Novak was a key figure in the wargaming hobby, leaving a lasting and internationally recognized legacy both as an author and as a promoter of wargaming events. Among his main contributions as an author should be listed: Boardgames Guilford Courthouse – GDW1978Rules Fire and Steel - Rules for Battles with System 7 Napoleonics, GDW 1978 Charlie Company - Infantry Combat in Vietnam 1965-1972, Ulster Imports 1988 Yellow Ribbon: Rules for the Indian Wars, 1850-1890, Ulster Imports 1988 Over the Top, WW1 Command Decision series rules, GDW 1990 Volley & Bayonet, GDW 1994 Charlie Company - Infantry Combat in Vietnam 1965-1972, RAFM 1997 Volley & Bayonet: Road to Glory, TOB Games 2008 Rules supplements and Scenario books And Continually Wear the Blue: A Short Guide to the U.

S. Army & the'Indian Wars' 1850-90, RAFM 1989. A Guide to the American War of Independence in the North, Ulster Imports 1990 Remember the Maine and to Hell with Spain: Being a Wargamer's Guide to the Spanish American War 1898, Ulster Imports, 1990 Battles of the American Civil War – A Volley & Bayonet supplement, GDW 1994 The Rough Riders - Vol.1: A Volley & Bayonet Supplement for the Spanish–American War, GDW 1999. The Rough Riders - Vol.2: A Volley & Bayonet Supplement for the Spanish–American War, GDW 1999. The American War of Independence - Book 1: The Northern Campaigns, Old Glory The American War of Independence - Book 2: The Southern Campaigns, Old GloryGreg Novak was Editor of the Command Post Quarterly magazine - Member of the Legion of Honour, Historical Miniatures Gaming Society - East Bring up the rear Greg Novak at Find a Grave

Glencoe Museum

Glencoe Museum is located in a Victorian house in west downtown Radford, Virginia. The house was built in 1870 in the 19th century Victorian style Second Empire, was the postbellum home of Confederate Brigadier General Gabriel C. Wharton, it is a large, two-story, five bay, brick dwelling, had quite extensive grounds. The original house had a barn, chicken coop, smoke house, an ice house; the name Glencoe is thought to be inspired by Anne Wharton's ancestry. Her family was from Scotland; the house didn’t appear on Radford's tax records until 1876. The house was kept in the family till 1996 when, after being deserted for 30 years, the house was given to the city of Radford; the house and grounds were donated by the Kollmorgen Motion Technology Group. The house features some Victorian period rooms and displays about Radford's history, including Native American artifacts, early settlers, Mary Draper Ingles, local industries, river transportation, educational institutions and local sports. There is an art gallery with changing exhibits of the art and works of contemporary Appalachian artists.

Glencoe was listed on the National Register of Historic Places in 2000. Glencoe Museum - official site

Acantholyda erythrocephala

Acantholyda erythrocephala is a species of sawfly in the family Pamphiliidae known as the red-headed pine sawfly or the pine false webworm. Native to Europe, it has been introduced into North America. Fully-grown larvae of A. erythrocephala have yellowish heads spotted with dark brown, greenish-grey bodies with purplish longitudinal stripes on the top and sides. Erythrocephala signifies "redhead", a feature of the adult imago; the species is native to Europe and was introduced to North America in 1925, where it has become widespread in northern parts of the United States and Canada, where it is a major pest of white pine. Other trees infested include Scots red pine. Adults emerge in late spring, after mating, the female lays eggs on the previous year's needles; the eggs hatch in about two weeks and the larvae move to the base of the old needles and start to feed, only moving on to new needles if they exhaust the supply of old ones. The larvae construct silken webbing inside which they live in tubes, chewing off needles and pulling them inside the tubes for consumption.

Older larvae construct their own individual tubes. By the end of June the larvae are developed and fall to the ground where they create earthen cells in which they spend the winter. In Europe, the larvae of Acantholyda erythrocephala are attacked by the parasitoid Tachinid fly Myxexoristops hertingi. In 2002, 2003 and 2004, in an effort to initiate a biological control programme in North America, pupae of this fly were imported from Italy and released in Ontario in an area of red pine infested with sawfly larvae; because populations of sawfly larvae have large natural swings, the impact of the parasitoid fly was difficult to evaluate. Another biocontrol measure investigated involved using an aqueous suspension of Neodiprion abietis nucleopolyhedravirus. Defoliation by the sawfly larvae does not directly kill a tree, but it weakens it, allowing pathogens and pests such as bark beetles to attack, these may result in mortality