[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Announce: RSBAC v1.2.3 released

To: RSBAC <rsbac@xxxxxxxxx>, RSBAC-Announce <rsbac-announce@xxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, Suse-Security <suse-security@xxxxxxxx>, sec@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Announce: RSBAC v1.2.3 released
From: Amon Ott <ao@xxxxxxxxx>
Date: Fri, 2 Jul 2004 10:06:11 +0200

Rule Set Based Access Control (RSBAC) v1.2.3 has been released! Full 
information and downloads are available from http://www.rsbac.org

We are also proud to announce the relaunch of our Website and a set of 
worldwide mirrors.

RSBAC Key Features:

    * Free Open Source (GPL) Linux kernel security extension
    * Independent of governments and big companies
    * Several well-known and new security models, e.g. MAC, ACL and RC
    * Control over individual user and program network accesses
    * Any combination of models possible
    * Easily extendable: write your own model for runtime registration
    * Now includes on-access virus scanning with Dazuko interface
    * Support for current kernels in 2.4 and 2.6 series
    * Stable for production use since January 2000

Between the first upload and this announcement, the first important 
security bugfixes had to be released, too, which also apply to previous 
versions. You can always find the latest bugfixes at 
http://www.rsbac.org/download/bugfixes, they are already included in some 
of the pre-patched kernel sources (-bfX) at 
http://www.rsbac.org/download/kernels/v1.2.3/


New features in RSBAC v1.2.3:

General:
    * Port to 2.6 kernel series with many internal changes
    * Full log separation between system and RSBAC log
    * Improved hiding of unaccessible processes

AUTH:
    * Learning mode, global and per-process

RC:
    * System boot role, now separate from root's role
    * Extra process type for kernel threads for explicit access control
    * Types for user objects

DAZ:
    * New 100% compatible Dazuko (www.dazuko.org) module
    * On-access scanning through user space antivirus daemons
    * In-kernel scanning result cache, speeding it all up significantly

ACL:
    * Global learning mode

PAX:
    * New PaX support module

JAIL:
    * Several security related and other bugfixes (it is strongly 
      recommended to update)
    * Linux capability restrictions for jailed processes

MAC:
    * Trusted-for-user list instead of single value


Please forward this announcement to where you think it is applicable, e.g. 
local or national security lists, newspapers or magazines, or your 
favourite Internet forum.

Feedback is always welcome!

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

Attachment: pgp00002.pgp
Description: signature

Prev by Date: Registry fixes for the recent IE vulnerabilities
Next by Date: XSS in SCI Photo Chat Server 3.4.9
Previous by thread: Registry fixes for the recent IE vulnerabilities
Next by thread: XSS in SCI Photo Chat Server 3.4.9
Index(es):
- Date
- Thread