[rsbac]
Re: How does RSBAC relate to the Linux Security Module framework
(LSM)?
Christian Schuhegger
Christian.Schuhegger at cern.ch
Fri Aug 8 14:46:38 MEST 2003
Amon Ott wrote:
> LSM provides a set of low-level hooks in kernel functions, which use pointers
> to kernel internal structures as parameters.
> RSBAC currently implements a separate set of hooks, which use a kernel
> version independent abstraction of the type of access and the target to be
> accessed.
> ...
>
> Amon.
thanks a lot for that insight!
could you perhaps also give me your personal view on how things will
develop in the future, e.g. probably several of the security enhancement
projects for linux will merge or at least use a common infrastructure
and try to find some common standards so that these enhancements can go
into the mainstream linux distributions like debian, redhat, suse, ...
and perhaps even the linux standard base project could integrate such a
common infrastructure?
i am also a bit surprised that a project like SELinux, which seems to
have a similar objective as RSBAC, started after RSBAC was already a
stable system running on different platforms? only from what i've read
so far SELinux seems not to add any significant advantages over RSBAC,
or does it in some areas?
at the moment i am just a bit irritated by the numberous projects having
similar or overlapping objectives. is there perhaps somewhere a good
overview that sets all the relevant projects into relation, e.g. how
they could be combined or how they complement each other (perhaps even
with a bit of historic insight)?
thanks a lot,
--
Christian Schuhegger
http://galileo.spaceports.com/~cschuheg
More information about the rsbac
mailing list