Porting NSA SE Linux to Hand Held devices


I presented this paper at the 2003 Ottawa Linux Symposium (OLS). is defunct, since about 2004, so I removed the link.

The NSA changed the URLs on their web site, so this version of the paper has the new ones.

The SE Linux kernel interfaces have changed, now it’s all through the proc [...]

Polyinstantiation of directories in an SE Linux system


I presented this paper at the 2006 SAGE-AU conference.


This paper describes the problems related to shared directories such as /tmp and /var/tmp as well as problems related to having multiple SE Linux security contexts used for accessing a single home directory. It then provides detailed information on the solution to this problem [...]

Benchmarking Mail Relays and Forwarders


I presented this paper at the OSDC conference in 2006.

The main page for my Postal benchmark is at My blog posts about benchmarking can be found at


Postal is a mail server benchmark that I wrote. The main components of it are postal for testing the delivery of mail via [...]

SE Debian: how to make NSA SE Linux work in a distribution


I presented this paper at Ottawa Linux Symposium (OLS) 2002. Since that time the acceptance of SE Linux in Debian was significantly less than I expected. But the acceptance in Red Hat Enterprise Linux and Fedora has been quite good. is defunct, since about 2004.

I corrected the URLs for the NSA papers [...]

Partitioning a Server with NSA SE Linux


I presented this paper at Linux Kongress 2002. Since that time virtualisation systems based around VMWare, Xen, and the hardware virtualisation in recent AMD and Intel CPUs has really taken off. The wide range of virtualisation options makes this paper mostly obsolete, and what isn’t obsoleted by that is obsoleted by new developments in [...]