Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
RSBAC/390 - Rule Set Based Access Control for S/390
  • From: Matthias Jänichen <mj2@xxxxxxxxxx>
  • Date: Thu, 13 Jun 2002 23:08:23 +0200
  • Message-id: <4.3.2.7.2.20020613230815.00e3ee80@xxxxxxxxx>
Hi,

picking up the thread on "NSA SELinux" again:

At 14:27 31.05.02 +0200, Mark Müller wrote:
Matthias Jänichen wrote:
If you need something to use today you should look at www.rsbac.org.
RSBAC (Rule Set Based Access Controll) is _working_ on Suse,
running for over two years on productive systems.
We've looked at LIDS, RSBAC and SELinux and decided to give SELinux a chance. RSBAC is easier to install, but it lacks LSM support and we don't know where RSBAC is going after Amon has finished its master thesis.

For his PhD(!) thesis the conceptual work on RSBAC is much more important. Nevertheless the requested support for LSM has been discussed. Until LSM development settles down he decided to concentrate on the existing implementation based on kernel patches. This is necessary to provide support for the various existing installations.

At the moment LSM does not provide enough so that many features would either need to be dropped or would need patches again.

After announcement of Version 1.2.0 on the e-open event in Prague Amon has directly started with Version 1.2.1. He has prepared RSBAC 1.2.1pre1 for download at www.RSBAC.org . Due to great interest he implemented architecture support for Linux S/390 and is now looking for pilot installations and/or hardware. Anyone who could help here should get in contact with him directly (Amon Ott <ao@xxxxxxxxx>). We expect this to become an important proof of portability and of the concept to even satisfy the needs for big installations.

Reg.

Matthias Jänichen


< Previous Next >
This Thread
  • No further messages