[rsbac] Several questions

Jan Andrejkovic rsbac@rsbac.org
Wed Mar 20 11:40:04 2002

Hello !

I'm new in rsbac but I think it is very good program. I have already red
almost everything what is on the RSBAC web-page. I just patched the
kernel 2.4.17 and recompiled it, but I have not installed rsbac with
this kernel yet.

First of all I have several questions:

1. I have small linux sever which purpose is firewall, router, mail,
and dns server and I would like to ask you which models of RSBAC will be
the best for protection of such server?

2. Let's say some intruder will gain login and password to my sever on the 
level of common user. And this intruder will find that I have bug in the
sendmail program. He will exploit my sendmail and he will gain root
rights. Which model should I use if I want to prevent him to do another
operations like sendmail do? Or which model should I use for maximall
elimination of the intruder?

3. Can you explain me the mechanism how RSBAC will protect my server in
the case written in the previous paragraph?

Thank you very much for your answers,

Jan Andrejkovic.

Visit my WEB page: http://www.tofu.sk