lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200407021006.19888.ao@rsbac.org>
Date: Fri, 2 Jul 2004 10:06:11 +0200
From: Amon Ott <ao@...ac.org>
To: RSBAC <rsbac@...ac.org>, RSBAC-Announce <rsbac-announce@...ac.org>,
	linux-kernel@...r.kernel.org,
	Suse-Security <suse-security@...e.com>, sec@...ux-sec.net,
	bugtraq@...urityfocus.com
Subject: Announce: RSBAC v1.2.3 released


Rule Set Based Access Control (RSBAC) v1.2.3 has been released! Full 
information and downloads are available from http://www.rsbac.org

We are also proud to announce the relaunch of our Website and a set of 
worldwide mirrors.

RSBAC Key Features:

    * Free Open Source (GPL) Linux kernel security extension
    * Independent of governments and big companies
    * Several well-known and new security models, e.g. MAC, ACL and RC
    * Control over individual user and program network accesses
    * Any combination of models possible
    * Easily extendable: write your own model for runtime registration
    * Now includes on-access virus scanning with Dazuko interface
    * Support for current kernels in 2.4 and 2.6 series
    * Stable for production use since January 2000

Between the first upload and this announcement, the first important 
security bugfixes had to be released, too, which also apply to previous 
versions. You can always find the latest bugfixes at 
http://www.rsbac.org/download/bugfixes, they are already included in some 
of the pre-patched kernel sources (-bfX) at 
http://www.rsbac.org/download/kernels/v1.2.3/


New features in RSBAC v1.2.3:

General:
    * Port to 2.6 kernel series with many internal changes
    * Full log separation between system and RSBAC log
    * Improved hiding of unaccessible processes

AUTH:
    * Learning mode, global and per-process

RC:
    * System boot role, now separate from root's role
    * Extra process type for kernel threads for explicit access control
    * Types for user objects

DAZ:
    * New 100% compatible Dazuko (www.dazuko.org) module
    * On-access scanning through user space antivirus daemons
    * In-kernel scanning result cache, speeding it all up significantly

ACL:
    * Global learning mode

PAX:
    * New PaX support module

JAIL:
    * Several security related and other bugfixes (it is strongly 
      recommended to update)
    * Linux capability restrictions for jailed processes

MAC:
    * Trusted-for-user list instead of single value


Please forward this announcement to where you think it is applicable, e.g. 
local or national security lists, newspapers or magazines, or your 
favourite Internet forum.

Feedback is always welcome!

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ