[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200707191137.02048.ao@rsbac.org>
Date: Thu, 19 Jul 2007 11:37:01 +0200
From: Amon Ott <ao@...ac.org>
To: LKML <linux-kernel@...r.kernel.org>
Subject: [ANNOUNCE] RSBAC 1.3.5 released
Hello everyone!
Rule Set Based Access Control (RSBAC) 1.3.5 has been released for both
Linux kernels 2.4.34.5 and 2.6.22.1.
You can download the new version from http://www.rsbac.org
RSBAC is one of the leading access control systems for the Linux
kernel with a good selection of access control models, see
http://www.rsbac.org/why for more details.
Important changes since 1.3.4:
* Fixes compilation errors with some configurations.
* Some safety measures with null pointers.
* Fixes an important bug with User Management password hashing,
introduced with newer 2.6 kernel crypto API.
Major improvements over the 1.2.x series:
Speed and scalability:
- Cache for inherited filesystem attribute values
- Automatically scaling hash tables for generic lists to minimize
list lookups
- Change network templates to handle up to 25 ip networks and up to
10 port ranges per template
- Various smaller optimizations
More control:
- Fine grained setuid control also in RC (type of the target user)
and ACL (acl at the target user) models
- UNIX sockets as new filesystem target type, thus more fine grained
control with RC types and ACLs
- Further improved IPC communication control
- RSBAC User Management password history with configurable length to
avoid password reuse.
- New request type AUTHENTICATE against USER targets. No
authentication against RSBAC UM without this right in RC and ACL, so
even harder to brute force attack
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists