[rsbac] RSBAC 1.4.3 released
kang
kang at rsbac.org
Mon Nov 30 14:49:01 CET 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rule Set Based Access Control (RSBAC) 1.4.3 has been released for the
Linux kernel 2.6.31+
GIT, SVN, HTTP, FTP and APT downloads for the new version are available
from the RSBAC website: http://www.rsbac.org
RSBAC is one of the leading access control systems for the Linux
kernel with a good selection of access control models, see
http://www.rsbac.org/why for more details.
This release focus on adding new learning mode for the RC and CAP
modules. We hope you will enjoy it!
Most Important changes since 1.4.2:
* Make RCU rate limit boot and runtime configurable
* Move AUTH auth_program_file kernel-only attribute to GEN program_file
* Implement CAP learning mode for user and program max_caps
* Add global RC learning mode for role rights to types
* Optionally put learning mode results into transactions, one per module
* Show program path in AUTH learning messages
* Allow SCD mlock in PM
* New kernel config RSBAC_SWITCH_BOOT_OFF: ‘Allow to switch modules
off with kernel parameter’
* Show transaction number in learning info messages.
* Add transaction names for human use and set names for learn
transactions.
* Use -I to backup extra groups in rsbac_usershow backup mode.
* New rsbac_usermod parameter -I to set a list of extra groups.
* Add rsbac_usershow -r parameter to add -r to rsbac_useradd in
backup mode.
* Add rsbac_useradd -r and -R parameters to (un)conditionally
replace existing.
* And of course, many bug fixes
The complete lists are available here:
Kernel changes:
http://www.rsbac.org/dl.php?file=code/1.4.3/changes-1.4.3.txt
Admin tools changes:
http://www.rsbac.org/dl.php?file=code/1.4.3/admin-changes-1.4.3.txt
Upgrading from 1.3 or 1.4.x is easy: Compile, install and boot. Some
extra checks might require minor adjustments, though.
Have fun!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAksTzUwACgkQ80VHuunDdyaRSwCggrQvKO8wUfTiKigYWxWhYqzK
SqMAn3SRCwl7IOCqLcI4s2ZYvriVgWWE
=6U3a
-----END PGP SIGNATURE-----
More information about the rsbac
mailing list