Friends, I am pleased to announce the release of rainbow-0.8.6. Rainbow implements portions of the isolation shell described in the Bitfrost threat model and security architecture.
The key differences between this release and its predecessor include support for garbage collection of uids, ui sugar for resuming uids, bug fixes to the resume logic, and a simplified singly-linked list library. This release was made possible by encouragement and suggestions from Sascha Silbe, Bernie Innocenti, and Benjamin Mako Hill. It has been (minimally) tested on Debian Sid, Ubuntu Karmic, and Fedora Rawhide and has been packaged in Fedora Rawhide for your convenience. Interesting links for this release include: git: git://dev.laptop.org/users/mstone/security tar: http://dev.laptop.org/~mstone/releases/SOURCES/rainbow-0.8.6.tar.bz2 browse: http://dev.laptop.org/git/users/mstone/security/tree/?id=rainbow-0.8.6 setup: http://wiki.laptop.org/go/Rainbow/Installation_Instructions tests: http://wiki.laptop.org/go/Rainbow/Testing The shortlog from rainbow-0.8.5..rainbow-0.8.6 is: Bernie Innocenti (1): Capture XAUTHORITY. Michael Stone (19): Remove unused flexibility from the spool option parsing code. First pass at updated rainbow-gc. Clean up group membership. Protect sticky uids from garbage collection. Clean up some per-uid Xephyr data. Improve spool detection checks. Install rainbow-gc. Add some logging to rainbow-gc. Make xephyr usage resumable. Teach rainbow to resume uids with more auxiliary groups. Add a simple resume subcommand. Add INIT() and COPY() operators from dnshash. Add a novel singly-linked list implementation. Add test_endgrent script. Simplify list traversal logic. Fix Karmic sudo segfault. Tweak warnings and link flags. Set default spool location in rainbow-gc. rainbow-0.8.6. Kind regards, Michael _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel