[rsbac] Re: New Live-CD
cesare at ucci.it
Fri Mar 5 17:00:54 CET 2004
Concerning the Live-CD, I have just finished using it at a university
course (actually the course was within a "Master in Computer Security"),
and I think that it could be very nice if it would be improved a bit, at
least for these purposes.
For example, it could be nice if it would start with a minimum bare
setup, nothing running, only logging-in as secoff and root allowed. Then
there could be (in secoff home) some scripts (like the current
"restore") which insert rules to allow some programs to run etc, even
reversible in the sense that the script can have a start/stop option to
insert/remove the rules.
Actually I did exactly this for my course, I wrote a 10 lines script
which removed some rules => apache would not work anymore, and then
added them by hand to show the students how it worked. It was not very
practical because I had to load the script from my disquette and then
ditribute it to the students etc.etc.
I think that a Live-CD like that would be very useful to those who
would like to learn how to use RSBAC. What do you think?
My public PGP key is at http://www.ucci.it/pasquinucci_pub_key.asc
fingerprint = 1647 A05A E37F 2141 069E 637F 8786 15F9 AB39 2D0E
More information about the rsbac