[rsbac] rsbac + iptables

Amon Ott ao at rsbac.org
Wed Apr 13 10:14:28 CEST 2005

On Mittwoch 13 April 2005 10:03, Andrea Pasquinucci wrote:
> I would like to ask how to protect the iptables firewall rules from
> root. The way I do is to allow the Role BOOT to use /sbin/iptables 
> /lib/iptables/*.so but to deny the use of these to anybody else. In 
> way, at boot the rules are inserted and then nobody can use
> /sbin/iptables anymore.
> This is not satisfactory in my opinion, since root could install a 
> version of iptables in /tmp and use it from there. Is there a way of
> blocking the iptables rules in the kernel? How? (Am I missing
> something silly?) Thanks,

All IPv4 firewall changes are protected as SCD target firewall. If any 
change is not intercepted, please report this as a bug. :)

http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

More information about the rsbac mailing list