Before I begin, I would like to congratulate everyone to a Happy Deepavali and Hari Raya, and I hope that everyone has had very nice Holiday. Similiarly with the MyOSS? Meetup falling in the month of Ramadan, Khairil and myself purchased a handful of karipaps for everyone, and also our gracious sponsor SEACEM ( http://www.seacem.com ) for helping sponsor both the location and the teh tarik for the meetup. Similarly kudos to Paul Ooi ( http://www.paulooi.com ) for arranging this setup for us.

To be honest, this was quite an exciting meetup. There were quite a large number of attendees (thirty over!) and the topics were both fun and interesting. Don't worry, I will try my best to cover all the details in this installment of the MyOSS? Meetup review.

The meetup started with my usual introduction and Chong Tsewai started on the scene with his knowledgable talk on Security Enhanced Linux ( SELinux? ).

Security Enhanced Linux

In this day and age, security is of upmost importance to anyone. A company's information is their most valuable asset. If the company perhaps lost their information because of a security vulnerability in the software their using, and also because of bad backing up procedures, they are at the risk of closing down. Here tonight, Chong Tsewai was able to introduce us to Security Enhanced Linux. Chong Tsewai's presentation went into quite alot of detail, and I regret not being able to fully follow it. Nonetheless, I will try to explain it as much as I can and to the best of my abilities.

Initially developed by the NSA in 2000, SELinux? was created for demonstrating that developing and using a secure operating system is possible. SELinux? was originally a modification of the Linux kernel, but after the public announcement of SELinux?, it was realized that Linux needed to be modified to accept security extensions known in Linux as the Linux Security Modules ( LSM ) framework. Thus the introduction of SELinux? not only helped bring more security to the Linux kernel, but it also helped foster the development of LSM allowing other security models to be employed.

Security Magic

SELinux? utilizes the Flask architecutre and a Mandatory Access Control (MAC) Security Model for employing security. In the Flask Security Architecture, policy enforcement code and policy decision making code are seperated providing a clean implementation of the two.

The policy decision making code makes up the security server, which the Linux kernel will access to determine a process's security policy. Sitting between the server and the enforcement policies is the Access Vector Cache (AVC). The AVC caches the enforcement policies in memory to minimize performance overhead.

Meanwhile the policy enforcement code is embedded into the many subsystems of the kernel, for example the filesystem code, networking code, and process management code. This policy enforcement code requests from the security server for the policy decisions.

The security policy dictates a process's access to the system. If no security policy exists, access is completely denied. This essentially creates a jailed environment for the process, for example, an webserver would only have access to '.html', '.htm', or '.php' files. Thus, if a vulnerable process was compromised, the damage inflicted by the process would only be limited to what that process can access.

I regret that this is just a basic introduction of SELinux?, as the whole subject matter was intricate and complex. I owe MyOSS? Magazine one SELinux? article, in detail.

Podcasting: Part Deux

Because of the limited time frame in the previous Meetup, Linus Lai was unable to complete his presentation on Podcasting. So he comes back this time completing his presentation on Podcasting. If you are unsure about what Podcasting really is, then please review the previous issue of the MyOSS? Magazine.

Setting Up

In order to setup your own podcasting server, several software is required. To record and to mix it later you will need an audio editor, in which case we will be using Audacity ( http://audacity.sourceforge.net ). Similarly to serve the files, we require a webserver capable of running PHP, so we will use Apache Webserver Version 2 ( http://httpd.apache.org ) with PHP ( http://www.php.net ) installed. Please refer to your operating system/distribution on the installation of the software, but it should not be too difficult. Finally we will use a PHP script to serve up the podcasts, the PHP script in question being DirCaster ( http://www.shadydentist.com/wordpress/software/dircaster ). DirCaster? works by scanning through a directory for files you would like to podcast, and creating an RSS Feed for your podcasts. Make sure a microphone is available to be able to record your voice. This system is truly operating system independent and can run on GNU/Linux, Mac OSX, and Windows. The only expectation is general usage of the Apache Webserver.

Hopefully by now you have all the appropriate software download and installed, except for the PHP Script DirCaster?.

Straight Forward

Before we begin, create a folder in your webserver directory which will be used to save the podcasts. Untar the DirCaster? file into the new folder.

If you have ever used a tape recorder, usage of Audacity should be straight forward. To begin recording simply press the big red circular button, and begin talking into your mic. When your done recording, go to 'File > Export as MP3' and save your into the previously created directory, but save it as 'YYYY-MM-DD-Title' where YYYY-MM-DD represents the year (YYYY), month (MM), day (DD) of publishing and 'Title' as the title for your Podcasts.

Now you can subscribe to your podcast! Pretty easy and straight forward right?

Conclusion

Even after the presentations were finished, there was still a handful of topics to discuss about. Ditesh was holding another LPI examination, the third one this year. In additiona, there has been complaints about the lack of FOSS Education in the education sector. To resolve this issue, Prabu and myself are starting up a Free and Open Source Software Special Interest Group at APIIT, our university, and we requested that the MyOSS? Community to come and help us in our endeavour in any possible way.

If you wish to join us for the November Meetup, the date has been changed to reflect that the first friday of the month falls on Hari Raya. Similarly because of the short interval between the November Meetup and the possible date of the December Meetup (December 2nd), the date has been changed to December 9th.

Soon afterwards we left the SEACEM building and headed to the mamak store for our teh tarik and supper. Suprisingly most of the people who attended the Meetup joined along, making it more enjoyable and fun.

Thank you for coming to the MyOSS? October Meetup, and I hope to see you next month. In the mean time, happy Deepavali, and Hari Raya everyone.

If you would like to do a presentation, please contact me at aizat.faiz@gmail.com .

Thank You

Links

• NSA Security Enhanced Linux - http://www.nsa.gov/selinux/
• Audacity - http://audacity.sourceforge.net
• Apache Webserver 2 - http://httpd.apache.org
• PHP - http://www.php.net
• DirCaster - http://www.shadydentist.com/wordpress/software/dircaster