[rsbac] [ANNOUNCE] RSBAC 1.3.5 released

Amon Ott ao at rsbac.org
Fri Jul 20 09:51:12 CEST 2007


Hello everyone,

please forward this announcement where you think it fits. It has 
already been sent to Bugtraq and linux-kernel mailing list.

Rule Set Based Access Control (RSBAC) 1.3.5 has been released for both 
Linux kernels 2.4.34.5 and 2.6.22.1.
You can download the new version from http://www.rsbac.org

RSBAC is one of the leading access control systems for the Linux 
kernel with a good selection of access control models, see 
http://www.rsbac.org/why for more details.

Important changes since 1.3.4:
  * Fixes compilation errors with some configurations.
  * Some safety measures with null pointers.
  * Fixes an important bug with User Management password hashing,
introduced with newer 2.6 kernel crypto API.

Major improvements over the 1.2.x series:

Speed and scalability:
  - Cache for inherited filesystem attribute values
  - Automatically scaling hash tables for generic lists to minimize 
list lookups
  - Change network templates to handle up to 25 ip networks and up to 
10 port ranges per template
  - Various smaller optimizations

More control:
  - Fine grained setuid control also in RC (type of the target user) 
and ACL (acl at the target user) models
  - UNIX sockets as new filesystem target type, thus more fine grained 
control with RC types and ACLs
  - Further improved IPC communication control
  - RSBAC User Management password history with configurable length to 
avoid password reuse.
  - New request type AUTHENTICATE against USER targets. No 
authentication against RSBAC UM without this right in RC and ACL, so 
even harder to brute force attack

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22



More information about the rsbac mailing list