[rsbac] Decision Module in Userspace / RSBAC Object Managers

kang kang at insecure.ws
Mon Jun 6 01:42:59 CEST 2011


This is, I hope, some kind of reply to both of your questions.

There is an RSBAC Apache module, that let the Apache workers switch to a
compatible "virtualhost role" to be able to access a specific virtual
host and serve the request. (with Apache prefork MPM). The worker is
then reset to a "worker main" role by the master (the worker "virtual
host role" is not allowed to switch back itself), when it's task is
finished, ensuring a requested served for one virtual host cannot access
another virtual host.

The worker processes therefore have lesser rights than the master Apache
process (generally, can just read data for the virtualhost they have to
serve, basically - of course, theres a little bit more than that necessary).

This means for such modules, where you want to have some kind of
"decision control", a user space module is not always necessary.

Please note that the RSBAC example works for the RC module (it also has
some JAIL module support, that is similar).

For your application, you might want to achieve something similar. RSBAC
RC is flexible enough, for you to be able to do this without any extra
kernel code or loading a special module from user-space, just using
available functionality.

Should you, nevertheless, want to create your own RSBAC module, you can
start by using the REG facility to register your own module at runtime,
that could load stuff from user space (of course, the safety of the
decision from your module is entirely up to you then).

See: http://www.rsbac.org/documentation/mod_rsbac

More information about the rsbac mailing list