Screaming Penguin

One of the things I have always liked about Java is it is simply immune to a lot of the standard tacts taken by the black hat security folk out there. Lotsa buzz today about Red Hat shipping the new patch for "NX bit support" on Athlon 64 based systems. This is basically an expansion of the memory tables that marks some bytes as executable and others as as not ("Not eXecutable"), meaning that passing in a dataline that overflows allocated memory will not result in malicious or even random instructions executing on the CPU. Anyway, be prepared to hack on some old stuff. It seems a handfull of legacy apps might not like running under the new kernel, but it is going to be enabled by default. On a related topic, anybody know of a good intro to SELinux? Being as it is being merged into the Fedora line and all, I figure I might as well read up on making my box spook-worthy.