Red Hat Security Blog: December 2014 archives
Container Security: Isolation Heaven or Dependency Hell
Docker is the public face of Linux containers and two of Linux's unsung heroes: control groups (cgroups) and namespaces. Like virtualization, containers are appealing because they help solve two of the oldest problems to plague developers: "dependency hell" and "environmental hell." Closely related, dependency and environmental hell can best be thought of as the chief cause of "works for me" situations. Dependency hell simply describes the complexity inherent in modern applications' tangled...
Analysis of the CVE-2013-6435 Flaw in RPM
The RPM Package Manager (RPM) is a powerful command-line-driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. RPM was originally written in 1997 by Erik Troan and Marc Ewing. Since then RPM has been successfully used in all versions of Red Hat Linux and currently in Red Hat Enterprise Linux. RPM offers considerable advantages over the traditional open-source software install methodology of building from source via tarballs,...
Disabling SSLv3 on the client and server
Recently, some Internet search engines announced that they would prefer websites secured with encryption over those that were not. Of course, there are other reasons why securing your website with encryption is beneficial: protecting authentication credentials, mitigating the use of cookies as a means of tracking and allowing access, providing privacy for your users, and authenticating your own server, thus protecting the information you are trying to convey to your users. And while setting up...