RE: Planning v1.2.0 - update2


From: "Kaladis" <kaladis@gmx.de>
Subject: RE: Planning v1.2.0 - update2
Date: Wed, 1 Aug 2001 19:36:34 +0200

Next Article (by Date): Re: Planning v1.2.0 - update2 Arkady A Drovosekov
Previous Article (by Date): Re: Remove config options Amon Ott
Top of Thread: Planning v1.2.0 - update2 Amon Ott
Next in Thread: Re: Planning v1.2.0 - update2 Arkady A Drovosekov
Articles sorted by: [Date] [Author] [Subject]


> Real network access control as descibed in previous mails, with
> socket-template and socket objects

That's going to be very interesting :)

> - (maybe) PLT buffer overflow protection

And also please GOT. Maybe you want to contact the guys at
pageexec.virtualave.net. Last time I checked they were working on that.

> Automatic 'learning mode' to generate ACL setup for a program with
user/role
> from the log. Maybe some basic stuff for RC, too.

This will be tricky but worth it I think


Easier capabililty delegation would be good... I just don't get it working
(with RC) that UID 102 for example can bind to port 21 :/

With this capability delegation you could finally run FTP/SSHD from another
user ID... That'd be very secure then. I don't feel comfortable with daemons
running UID 0 at all.

Maybe some better RC documentation would be nice?


-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Date): Re: Planning v1.2.0 - update2 Arkady A Drovosekov
Previous Article (by Date): Re: Remove config options Amon Ott
Top of Thread: Planning v1.2.0 - update2 Amon Ott
Next in Thread: Re: Planning v1.2.0 - update2 Arkady A Drovosekov
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.