Re: RSBAC

From: ao@morpork.shnet.org (A. Ott)
Subject: Re: RSBAC
Date: 02 Nov 1998 21:12:00 +0100

Next Article (by Author): Re: RSBAC ao@morpork.shnet.org (A. Ott)
Previous Article (by Author): Re: RSBAC ao@morpork.shnet.org (A. Ott)
Top of Thread: Re: RSBAC ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: RSBAC ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date] [Author] [Subject] 

Hi Paul!

You wrote:

> Thanks for getting back to me, I've been too busy to follow-up on things
> recently.  I'm hoping to have a lot of time free up soon though.
                 ^^^^^^
Living in hope... ;)

> > > Lastly:  Is there a mailing list for the discussion of RSBAC?
> > Yes, now there is. Mail to majordomo@morpork.shnet.org,
> > subscribe rsbac
> > in the body.
> Great, I think RSBAC is a very interesting tool, and I can't wait to get
> a few days to go back to trying to build under glibc.

I already got someone having problems to compile under Redhat 5.1, I will  
have to look into that. So please tell me (or the list), what happened!

> > P.S.: 1.0.5 for 2.1.125 is nearly finished, bringing proc support and
> >       more stability
> More stability is good!

It's out now, and I could not crash it, as long as the aci lists were not  
too big.

My crashtest: Turn MS with READ-OPEN check on, make repeating tar of whole  
disk in several parallel processes and a du in another one.

> I've been playing with DG/UX's B2 featureset.  One of the interesting
> things they do is per-context /tmp directories, so that one user's /tmp
> isn't another user's /tmp.  Quite an interesting approach, and I'll have
> to look more deeply at it to see where the problems lie.

This idea was around here sometimes. I thought about configurable /tmp  
replacements for different security levels. One problem: It must be a  
module decision or a per-user/per-process solution (setuid???), otherwise  
the whole underlying model gets broken.

Amon.

--
## CrossPoint v3.11 ##
-
To unsubscribe ao@morpork.shnet.org (A. Ott) from the rsbac list, send a mail to
majordomo@morpork.shnet.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Author): Re: RSBAC ao@morpork.shnet.org (A. Ott)
Previous Article (by Author): Re: RSBAC ao@morpork.shnet.org (A. Ott)
Top of Thread: Re: RSBAC ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: RSBAC ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date] [Author] [Subject]

Go to Compuniverse LWGate Home Page.