[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200407021006.19888.ao@rsbac.org>
Date: Fri, 2 Jul 2004 10:06:11 +0200
From: Amon Ott <ao@...ac.org>
To: RSBAC <rsbac@...ac.org>, RSBAC-Announce <rsbac-announce@...ac.org>,
linux-kernel@...r.kernel.org,
Suse-Security <suse-security@...e.com>, sec@...ux-sec.net,
bugtraq@...urityfocus.com
Subject: Announce: RSBAC v1.2.3 released
Rule Set Based Access Control (RSBAC) v1.2.3 has been released! Full
information and downloads are available from http://www.rsbac.org
We are also proud to announce the relaunch of our Website and a set of
worldwide mirrors.
RSBAC Key Features:
* Free Open Source (GPL) Linux kernel security extension
* Independent of governments and big companies
* Several well-known and new security models, e.g. MAC, ACL and RC
* Control over individual user and program network accesses
* Any combination of models possible
* Easily extendable: write your own model for runtime registration
* Now includes on-access virus scanning with Dazuko interface
* Support for current kernels in 2.4 and 2.6 series
* Stable for production use since January 2000
Between the first upload and this announcement, the first important
security bugfixes had to be released, too, which also apply to previous
versions. You can always find the latest bugfixes at
http://www.rsbac.org/download/bugfixes, they are already included in some
of the pre-patched kernel sources (-bfX) at
http://www.rsbac.org/download/kernels/v1.2.3/
New features in RSBAC v1.2.3:
General:
* Port to 2.6 kernel series with many internal changes
* Full log separation between system and RSBAC log
* Improved hiding of unaccessible processes
AUTH:
* Learning mode, global and per-process
RC:
* System boot role, now separate from root's role
* Extra process type for kernel threads for explicit access control
* Types for user objects
DAZ:
* New 100% compatible Dazuko (www.dazuko.org) module
* On-access scanning through user space antivirus daemons
* In-kernel scanning result cache, speeding it all up significantly
ACL:
* Global learning mode
PAX:
* New PaX support module
JAIL:
* Several security related and other bugfixes (it is strongly
recommended to update)
* Linux capability restrictions for jailed processes
MAC:
* Trusted-for-user list instead of single value
Please forward this announcement to where you think it is applicable, e.g.
local or national security lists, newspapers or magazines, or your
favourite Internet forum.
Feedback is always welcome!
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists