[rsbac] RSBAC 1.4.3 released

kang kang at rsbac.org
Mon Nov 30 14:49:01 CET 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rule Set Based Access Control (RSBAC) 1.4.3 has been released for the
Linux kernel 2.6.31+

GIT, SVN, HTTP, FTP and APT downloads for the new version are available
from the RSBAC website: http://www.rsbac.org

RSBAC is one of the leading access control systems for the Linux
kernel with a good selection of access control models, see
http://www.rsbac.org/why for more details.


This release focus on adding new learning mode for the RC and CAP
modules. We hope you will enjoy it!

Most Important changes since 1.4.2:

    * Make RCU rate limit boot and runtime configurable
    * Move AUTH auth_program_file kernel-only attribute to GEN program_file
    * Implement CAP learning mode for user and program max_caps
    * Add global RC learning mode for role rights to types
    * Optionally put learning mode results into transactions, one per module
    * Show program path in AUTH learning messages
    * Allow SCD mlock in PM
    * New kernel config RSBAC_SWITCH_BOOT_OFF: ‘Allow to switch modules
off with kernel parameter’
    * Show transaction number in learning info messages.
    * Add transaction names for human use and set names for learn
transactions.
    * Use -I to backup extra groups in rsbac_usershow backup mode.
    * New rsbac_usermod parameter -I to set a list of extra groups.
    * Add rsbac_usershow -r parameter to add -r to rsbac_useradd in
backup mode.
    * Add rsbac_useradd -r and -R parameters to (un)conditionally
replace existing.
    * And of course, many bug fixes

The complete lists are available here:

Kernel changes:
http://www.rsbac.org/dl.php?file=code/1.4.3/changes-1.4.3.txt

Admin tools changes:
http://www.rsbac.org/dl.php?file=code/1.4.3/admin-changes-1.4.3.txt

Upgrading from 1.3 or 1.4.x is easy: Compile, install and boot. Some
extra checks might require minor adjustments, though.

Have fun!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAksTzUwACgkQ80VHuunDdyaRSwCggrQvKO8wUfTiKigYWxWhYqzK
SqMAn3SRCwl7IOCqLcI4s2ZYvriVgWWE
=6U3a
-----END PGP SIGNATURE-----


More information about the rsbac mailing list