From: Jesse Pollard <pollard@cats-chateau.net>
Subject: Re: 1.0.9b-pre2 uploaded
Date: Wed, 1 Mar 2000 21:36:46 -0600
Next Article (by Date): 1.0.9b-pre3 uploaded ao@morpork.shnet.org (A. Ott)
Previous Article (by Date): Re: 1.0.9b-pre2 uploaded ao@morpork.shnet.org (A. Ott)
Top of Thread: 1.0.9b-pre2 uploaded ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: 1.0.9b-pre2 uploaded Jesse Pollard
Articles sorted by: [Date]
[Author]
[Subject]
On Wed, 01 Mar 2000, A. Ott wrote:
>********* ***************** ********** **** ***** ***** ************
> To subject Re: 1.0.9b-pre2 uploaded
> pollard@dns1.navo.hpc.mil (Jesse Pollard) wrote:
>********** ******************** ****** ******** ******* *************
>
>> Hi
>> ao@morpork.shnet.org (A. Ott):
>> ...
>> >- If somebody of you has an SMP system, I would really appreciate feedback
>> > and debugging help. RSBAC does not access data on unmounted filesystems,
>> > so it should be safe to setup a test system on a separate partition.
>>
>> Yes I do... And I've had some problems. First a URL reference to my (our)
>> system: http://www.cats-chateau.net/ (undergoing development). There
>> is a section at http://www.cats-chateau.net/homenet/security/ that
>> outlines the beginning of an approach to a very secured web server, but
>> without assuming a bug free web server...
>
>I just read your text. The MAC description is well done, and your setup
>solution sounds very interesting. Would you mind my putting up a link from
>RSBAC?
Thanks for the complement. I don't have a problem with the link, although
I do have to tell you I/we will be re-organizing that structure. One of the
things I want to do is:
update the firewall so that I can use its' rules to redirect port
80 to my server, port 81? (that is where I want the MAC support
to protect the server. The firewall doesn't have the disk
space - only has 540MB)
update document tree to have a better top level introduction/policy
and usage statement, allow my wife to be able to do publication
of what she wants - put a photo gallery of our cats, ....
The security text will get expanded as exerience with RSBAC grows, and more
alternate structures/use is defined -
How about putting samba in a level/compartment for Windows systems?
nfsd?
How would the kernel mode nfs daemons react?
How would the use of X windows be defined?
Lots of fun stuff..
The new disk drive just got installed, so I'll be able to partition it (most
of it for web/mailing list archives?/backup of the production boot/swap. The
current system disk will be repartitioned into a production boot/swap/test root.
This will give me the space needed.
--
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@cats-chateau.net
Any opinions expressed are solely my own.
-
To unsubscribe from the rsbac list, send a mail to
majordomo@morpork.shnet.org with
unsubscribe rsbac
as single line in the body.
Next Article (by Date): 1.0.9b-pre3 uploaded ao@morpork.shnet.org (A. Ott)
Previous Article (by Date): Re: 1.0.9b-pre2 uploaded ao@morpork.shnet.org (A. Ott)
Top of Thread: 1.0.9b-pre2 uploaded ao@morpork.shnet.org (A. Ott)
Next in Thread: Re: 1.0.9b-pre2 uploaded Jesse Pollard
Articles sorted by: [Date]
[Author]
[Subject]