On Sun, 2002-02-24 at 10:11, Fabrice FACORAT wrote: > > > A bit dusty, yet still doormant, in cooker cvs is a project that was > > designed to replace msec. BUS, which stands for Bastille Unix Security > > was an idea put in action via Yoann Vandoorselaere, Jay Beale (Bastille > > Linux), and myself. > > The backend is simply beautiful IMHO. Let me shortly explain (as best I > > can). > > The core of BUS is written in C, > > sweet > > > perl modules can be used for routines, > > sweet > no need to install python. 1 package less
This is true. > > > > and the configuration is done in xml. > > future. > just a joke : use openoffice format so that you can edit it in > openoffice with color ... > it's a joke. everything tend to be in xml nowadays ... xml is great for configuration :) > > > This makes up the backend. There are two main configuration files, > > actions.xml and secdb.xml. > > A look at secdb/pam.xml: > > /* SNIP */ > > <variable name="pam_filesize"> > > <question>Would you like to set a maximum file size a user is allowed > > via PAM ? > > > > If so what shall be the maximum file size(default it 40000 == > > 40MB)?</question> > > > > <answer default="1" level="4,5">40000</answer> > > <answer type="number">Maxium File Size</answer> > > <answer level="0,1,2,3">no</answer> > > </variable> > > / * SNIP * / > > this remind me some of the config file of Bastille > Do you mean the xml? Or the actual question? If it's the ladder, that is because this question is asked in Bastille. If it's the former, then that would be most likely due to that Jay implemented ideas in Bastille, that were spawned during BUS devel. > > > > > (See the README for more info) > > > > Here's a screenshot of what a custom session looks like. > > This is a gtk+ frontend (pre-alpha beautifully written by Renaud > > Chaillat). > > fine so can be easily integrate with mdk tools Yup! > > (ncurses frontend, as well as the basic CLI frontend (done) were in > > place) > > nice for servers config ( no need of a GUI ) Yup! > > Now of course, BUS, was being worked on not only to replace msec, but > > Bastille Linux as well, and not only for Linux, but Solaris, HP-UX, and > > so on... > > concerning the replacement of Bastille what are its features concerning > firewalling ? First keep in mind, when I say it was to be a replacement for Bastille Linux and msec, this was true at one time, but not so anymore. BUS, is still now, an orphan project. I think the name would need to be changed. Well, I think that firewall configuration is moot. From what I understand wizdrake does a pretty good job. > > BUS has rollbacks > > really good : ) > > > One particular thing that I always pointed out about BUS was that you > > didn't have to hack to your system, it learned your system on it's own > > (this is due to a lot of great code by Yoann, e.g., xml function check). > > great! there's not enough config tools that use the variables of your > system ? : ) BTW: BUS source code is obtainable via mdk's cvs repos. -- Bryan Paxton Public PGP key: http://www.deadhorse.net/bpaxton.gpg "Winning gives birth to hostility. Losing, one lies down in pain. The calmed lie down with ease, having set winning & losing aside." Dhp. 201
