[rsbac] Dummies starter guide
Peter Busser
busser at m-privacy.de
Wed Mar 23 12:51:38 CET 2005
Hi!
> Not to mention me, who really knows nothing beyond the
> patching/compiling stage. =) I understand that this is how Adamantix
> does it, and I may have to look at their packages/setup in order to see
> how they're implementing it, but I think basically it still needs to be
> documented somehow... somewhere... for people who want to do something
> with it to be able to easily.
This is how the first version of Adamantix did it, not how current versions
(are supposed to) do it.
It is still work in progress, but I wrote an RSBAC policy tool, which
basically does the following:
- It gets the list of installed packages
- For every package, it reads a configuration file
- It sets RSBAC attributes according to what is specified in the configuration
file.
Of course it does more, it auto-detects the modules enabled in the kernel. In
theory it supports arbitrary package managers and aribtrary RSBAC modules and
attributes through plugins. The RC support of course also creates and removes
RC Roles and Types.
This of course does not remove the work you have to do to create a policy, but
it makes distributing and implementing the policy a lot easier.
Groetjes,
Peter.
More information about the rsbac
mailing list