[rsbac] To-do list for 1.2.2

Amon Ott rsbac@rsbac.org
Fri Nov 15 11:04:01 2002

Hi there!

This is my current to-do list for 1.2.2. Any wishes?


- MS module support for F-Protd as scanning engine
- ms_need_scan FD attribute for selective scanning

To do for 1.2.2:

- Finish MS changes to allow setting of individual request types to trigger
scanning, not only READ_(WRITE_)OPEN and EXECUTE
- Change i18n technique of admin tool help to gettext
- Minimum and maximum resource settings to CAP module
- New requests CHANGE_DAC_(EFF|FS)_OWNER on target type PROCESS to control 
euid and fsuid
- Extra AUTH cap sets for these
- Support more scanners (AVP, AntiVir) in MS module

To do later:

- New resource control scheme with per-user or per-program resources
- Optional RC role and type hierarchy
- RC ttl setting in menues (already displayed, but setting is a bit tricky)
- AUTH daemon for authentication enforcement
- Support more network address families with addresses etc.
- Support more network address families with NETDEV and SCD/network/firewall
- Port the last lists (AUTH) to generic lists
- PM overhaul and menues
- (maybe) Install trace mode with automatic attribute restore (for software
- Script log->auth cap setting
- Learning modes etc. for automatic setup script generation
- ACL support in Samba
- (maybe) Attribute set undo log in menues
- (maybe) Attribute get log in menues