[rsbac] Announce: RSBAC v1.2.3 released

Amon Ott ao at rsbac.org
Fri Jul 2 10:06:11 CEST 2004 

Rule Set Based Access Control (RSBAC) v1.2.3 has been released! Full 
information and downloads are available from http://www.rsbac.org

We are also proud to announce the relaunch of our Website and a set of 
worldwide mirrors.

RSBAC Key Features:

    * Free Open Source (GPL) Linux kernel security extension
    * Independent of governments and big companies
    * Several well-known and new security models, e.g. MAC, ACL and RC
    * Control over individual user and program network accesses
    * Any combination of models possible
    * Easily extendable: write your own model for runtime registration
    * Now includes on-access virus scanning with Dazuko interface
    * Support for current kernels in 2.4 and 2.6 series
    * Stable for production use since January 2000

Between the first upload and this announcement, the first important 
security bugfixes had to be released, too, which also apply to previous 
versions. You can always find the latest bugfixes at 
http://www.rsbac.org/download/bugfixes, they are already included in some 
of the pre-patched kernel sources (-bfX) at 
http://www.rsbac.org/download/kernels/v1.2.3/


New features in RSBAC v1.2.3:

General:
    * Port to 2.6 kernel series with many internal changes
    * Full log separation between system and RSBAC log
    * Improved hiding of unaccessible processes

AUTH:
    * Learning mode, global and per-process

RC:
    * System boot role, now separate from root's role
    * Extra process type for kernel threads for explicit access control
    * Types for user objects

DAZ:
    * New 100% compatible Dazuko (www.dazuko.org) module
    * On-access scanning through user space antivirus daemons
    * In-kernel scanning result cache, speeding it all up significantly

ACL:
    * Global learning mode

PAX:
    * New PaX support module

JAIL:
    * Several security related and other bugfixes (it is strongly 
      recommended to update)
    * Linux capability restrictions for jailed processes

MAC:
    * Trusted-for-user list instead of single value


Please forward this announcement to where you think it is applicable, e.g. 
local or national security lists, newspapers or magazines, or your 
favourite Internet forum.

Feedback is always welcome!

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
-------------- nächster Teil --------------
Ein Dateianhang mit Binärdaten wurde geschreddert...
Dateiname   : nicht verfügbar
Dateityp    : application/pgp-signature
Dateigröße  : 189 bytes
Beschreibung: signature
URL         : http://www.rsbac.org/pipermail/rsbac/attachments/20040702/e8f84141/attachment-0002.bin

More information about the rsbac mailing list