[rsbac] Re: New Live-CD

Andrea Pasquinucci cesare at ucci.it
Fri Mar 5 17:00:54 CET 2004

Concerning the Live-CD, I have just finished using it at a university
course (actually the course was within a "Master in Computer Security"),
and I think that it could be very nice if it would be improved a bit, at
least for these purposes. 

For example, it could be nice if it would start with a minimum bare 
setup, nothing running, only logging-in as secoff and root allowed. Then 
there could be (in secoff home) some scripts (like the current 
"restore") which insert rules to allow some programs to run etc, even 
reversible in the sense that the script can have a start/stop option to 
insert/remove the rules. 

Actually I did exactly this for my course, I wrote a 10 lines script 
which removed some rules => apache would not work anymore, and then 
added them by hand to show the students how it worked. It was not very 
practical because I had to load the script from my disquette and then 
ditribute it to the students etc.etc.

I think that a Live-CD like that would be very useful to those who
would like to learn how to use RSBAC. What do you think?


Andrea Pasquinucci

My public PGP key is at http://www.ucci.it/pasquinucci_pub_key.asc
fingerprint = 1647 A05A E37F 2141 069E  637F 8786 15F9 AB39 2D0E

More information about the rsbac mailing list