From: Vadim Kogan <vadim@scam.XCF.Berkeley.EDU>
Subject: Re: Plans with RSBAC
Date: Fri, 8 Oct 1999 08:17:22 -0700 (PDT)
Next Article (by Author): patch for 2.3.19 Vadim Kogan
Previous Article (by Author): Re: Plans with RSBAC Vadim Kogan
Top of Thread: Plans with RSBAC ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: Plans with RSBAC "Paul D. Robertson"
Articles sorted by: [Date]
[Author]
[Subject]
On 8 Oct 1999, A. Ott wrote: > Vadim, you need a complete understanding of the current state of ACL when > programming the menues, and the menues sometimes need changes in command > line tools. So you cannot help me there, but I really need help with > testing as soon as I push out a 1.0.9a-pre1 - like with all pre's. Well, ACL are probably the easiest part of RSBAC for me - I used to be NW guru before I got to UNIX (heh, at that time I was the youngest CNA in the world :-)) > > The changes aim at some kind of distributed RSBAC in our networked world > and will take a lot of time. Oh that.. Yeah, that'll take forewer, unless somebody will start working on it now. Right now I'm limited to internal issues (fixing broken proggies on the way). BTW, another thing about syscalls (well, at least syslog). We need some kind of rate-limiting and maybe some other stuff. I realize that it's beyond models implemented in RSBAC, but this is closely related to security and just like secure delete, it should bo done somewhere. I'm gonna look at VINO implementation. > > > > role-setting daemon (not 100% sure it's needed though, need to analyze > > more) > > You are welcome to add one... ;) Oh, I'll write one if somebody smart will tell me that it's needed for "blabla" situation. It's just that for now I'm not even sure it's needed and whether it's a smart idea at all. Non-careful feature can intoduce a hole. > Like triple overwrite with patterns? Yes, we can say that lots of important data is now on magnetic disks, so it can be pretty useful. (not that I'll turn it on for anything but testing :) Vadim. - To unsubscribe from the rsbac list, send a mail to majordomo@morpork.shnet.org with unsubscribe rsbac as single line in the body.
Next Article (by Author): patch for 2.3.19 Vadim Kogan
Previous Article (by Author): Re: Plans with RSBAC Vadim Kogan
Top of Thread: Plans with RSBAC ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: Plans with RSBAC "Paul D. Robertson"
Articles sorted by: [Date]
[Author]
[Subject]