Gentoo reintroduction of rsbac-sources
El 07/01/12 22:08, Anthony G. Basile escribió:
> Hi everyone,
> A long time ago, Gentoo used to provide RSBAC sources. For those of you
> unfamiliar with RSBAC = rules set based access control, it provides
> hardening similar to grsec. See their web page at:
> These patches were eventually removed because of waning activity, but
> recently Amon Ott and his team started working on RSBAC and there has
> been renewed interest within the community. You can see their activity
> on their repos:
> So, I put the rsbac admin tool and kernel sources on my overlay and
> Issiah Hill started testing them. I think we've progressed to the point
> where we can reintroduce those kernel sources back into the gentoo tree,
> so I did.
> The new packages are
> 1) sys-kernel/rsbac-sources = vanilla linux 3.1.5 + genpatches + rsbac
> patches. They do NOT at present contain the pax patches, but will in
> the next rev bump.
> 2) sys-apps/rsbac-admin = the admin tool for rsbac
> At this point, everything is experimental and I would not recommend them
> for a production server. But they are there now for testing and
> hopefully full stabilization. I welcome feedback from both our users
> and the RSBAC team.
On a side note, the old RSBAC documentation is available at
http://www.gentoo.org/proj/en/hardened/rsbac/ This documentation is old
and unsupported (that's why it is no longer accesible from the hardened
space), but patches are welcome to get it up to date. To see the sources
of the document just add ?passthru=1at the end of the URL.