[rsbac] Decision Module in Userspace
Shaz
shazalive at gmail.com
Sun Jun 5 17:31:36 CEST 2011
On Sun, Jun 5, 2011 at 8:12 PM, Jens Kasten <igraltist at rsbac.org> wrote:
> Hi,
>
> a point to your Django framework.
> Why should not use RSBAC to secure the webframe work?
> So far I understand, I would not need for daily use and additional
> module in userspace.
> I would analyse what files and directories are directly affected by the,
> if Django runs under his own user, and start to build RC-Roles and
> RC-Types. Than a Nettemplate and other small thinks.
> Now, why I should build RC-Roles befor, so that a userspace software get
> again a RC-Role to obtain his limitation?
> When I would lift up the decision to userspace, so that a software can
> ask if the subject has the correct rights to the object the data have to
> protect by what? If data must store again in the main place, rsbac.dat
> in every mountpoint, so no reason to build more software to lift up the
> decision to userspace.
>
>
What if we are thinking inside Django and the objects of Django not looking
at Django from outside. Not the resources at the kernel/os point of view.
Another example would be the elements of Django in the file and not just the
file. Granularity with respect to Django.
Thanks.
--
Shahbaz Khan
R&D Engineer,
Tactical Engineering and Consultancy.
http://shazkhan.wordpress.com/
http://pk.linkedin.com/pub/shahbaz-khan/20/116/b49
http://imsciences.edu.pk/serg/
http://csrdu.org/
+92-91-332-9915828
More information about the rsbac
mailing list