From: ao@morpork.shnet.org (A. Ott)
Subject: pre directory
Date: 23 Dec 1998 13:14:00 +0100
Next Article (by Subject): Problems with 1.0.5 ao@morpork.shnet.org (A. Ott)
Previous Article (by Subject): Coda/AFS/DFS and NFS ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date]
[Author]
[Subject]
Hi RSBAC folks! Now there is a directory for pre-releases. If you are interested in testing new features and commenting on them before they are official, give it a try. Currently there is 1.0.7a-pre1 in it with alpha arch support (no more errors reported so far), better error detection for data structures (be careful, if changing number of fd-lists). The dir is below rsbac home dir, but FTP only. The URL is ftp://agn-www.informatik.uni-hamburg.de/people/1ott/rsbac/pre Work is in progress, a temporary focus lies on authentification. There will probably be an extra module AUTH, restricting general setuid to progs with auth_may_setuid and adding setuid capabilities for processes, based on target uid. These capabilities can only be set by progs with auth_may_set_cap set. This feature can be used to setup auth daemons, e.g. PAM or Kerberos based. However, these attributes will have to be protected by all decision modules, as well as disabling this module must be. Most current modules will simply restrict access to security officers, the PM module might require a PM ticket. If this auth restriction works well, the role-protection parts are likely to disappear. Amon. -- ## CrossPoint v3.11 ## - To unsubscribe ao@morpork.shnet.org (A. Ott) from the rsbac list, send a mail to majordomo@morpork.shnet.org with unsubscribe rsbac as single line in the body.
Next Article (by Subject): Problems with 1.0.5 ao@morpork.shnet.org (A. Ott)
Previous Article (by Subject): Coda/AFS/DFS and NFS ao@morpork.shnet.org (A. Ott)
Articles sorted by: [Date]
[Author]
[Subject]