On Tuesday 25 June 2002 15:24, Han wrote: > Hi, > I am following this project at the moment: > http://www.citi.umich.edu/u/provos/systrace/ > If you spend a few minutes reading what it is all about you will see > that this is a going to be a killer securitty app. It's not yet finished > but people who have OpenBSD installed can have a much closer look. At > the moment the OpenBSD team is preparing to include it in the next > OpenBSD-release. > A linux version is also in the making so within a few month we should > have something working. In the mean while we can start thinking about > what to do with this app.
Hello, For linux, you already have RSBAC http://www.rsbac.org/ It can do the same things, except that it's maybe not so interactive. There are two mode (and a half ?) in rsbac : 1- normal 2- maintenance - soft mode The normal mode enforce a policy, that you can fine tune before hand, or while the system is running (provided that you didn't deny access to yourself, which is trivial to achieve with RSBAC). >From normal mode, you can pass into soft mode, where you will just be notified of access denied, without actually denying. Maitenance mode is the same as soft mode, except that you have to reboot with a "maintenance" kernel. Basically, when you create your policy, you use a lot softmode or maintenance mode. However, on the production system, you remove these features as to obtain maximum security. RSBAC comes with a suite of tools, text-menu based, or command line based so you can use them from scripts (%pre, %post...). Unlike selinux, you don't need to patch all the userspace system tools to work with it. You just need to patch the kernel, compile and install their userland tools, and there you go. Amon said he would make it use lsm when lsm will be part of the stable branch of kernel. There is a mandrake distro deriviates that uses RSBAC : http://castle.altlinux.ru/ Have a nice day, Fabrice. -- Fabrice MARIE Senior R&D Engineer Celestix Networks http://www.celestix.com/ "Silly hacker, root is for administrators" -Unknown
