FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Hardened

 
 
LinkBack Thread Tools
 
Old 01-07-2012, 08:08 PM
"Anthony G. Basile"
 
Default Gentoo reintroduction of rsbac-sources

Hi everyone,

A long time ago, Gentoo used to provide RSBAC sources. For those of you
unfamiliar with RSBAC = rules set based access control, it provides
hardening similar to grsec. See their web page at:

https://www.rsbac.org

These patches were eventually removed because of waning activity, but
recently Amon Ott and his team started working on RSBAC and there has
been renewed interest within the community. You can see their activity
on their repos:

http://git.rsbac.org/cgi-bin/gitweb.cgi

So, I put the rsbac admin tool and kernel sources on my overlay and
Issiah Hill started testing them. I think we've progressed to the point
where we can reintroduce those kernel sources back into the gentoo tree,
so I did.

The new packages are

1) sys-kernel/rsbac-sources = vanilla linux 3.1.5 + genpatches + rsbac
patches. They do NOT at present contain the pax patches, but will in
the next rev bump.

2) sys-apps/rsbac-admin = the admin tool for rsbac

At this point, everything is experimental and I would not recommend them
for a production server. But they are there now for testing and
hopefully full stabilization. I welcome feedback from both our users
and the RSBAC team.

--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : blueness@gentoo.org
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535
GnuPG ID : D0455535
 
Old 01-07-2012, 08:19 PM
"Francisco Blas Izquierdo Riera (klondike)"
 
Default Gentoo reintroduction of rsbac-sources

El 07/01/12 22:08, Anthony G. Basile escribió:
> Hi everyone,
>
> A long time ago, Gentoo used to provide RSBAC sources. For those of you
> unfamiliar with RSBAC = rules set based access control, it provides
> hardening similar to grsec. See their web page at:
>
> https://www.rsbac.org
>
> These patches were eventually removed because of waning activity, but
> recently Amon Ott and his team started working on RSBAC and there has
> been renewed interest within the community. You can see their activity
> on their repos:
>
> http://git.rsbac.org/cgi-bin/gitweb.cgi
>
> So, I put the rsbac admin tool and kernel sources on my overlay and
> Issiah Hill started testing them. I think we've progressed to the point
> where we can reintroduce those kernel sources back into the gentoo tree,
> so I did.
>
> The new packages are
>
> 1) sys-kernel/rsbac-sources = vanilla linux 3.1.5 + genpatches + rsbac
> patches. They do NOT at present contain the pax patches, but will in
> the next rev bump.
>
> 2) sys-apps/rsbac-admin = the admin tool for rsbac
>
> At this point, everything is experimental and I would not recommend them
> for a production server. But they are there now for testing and
> hopefully full stabilization. I welcome feedback from both our users
> and the RSBAC team.
>
On a side note, the old RSBAC documentation is available at
http://www.gentoo.org/proj/en/hardened/rsbac/ This documentation is old
and unsupported (that's why it is no longer accesible from the hardened
space), but patches are welcome to get it up to date. To see the sources
of the document just add ?passthru=1at the end of the URL.
 

Thread Tools




All times are GMT. The time now is 01:51 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org