On 8/28/06, suse@rio.vg
I don't know anyone who does, personally. For the vast majority of users, it's actually likely to cause things to be less secure, since access controls are, more often than not, a pain in the ass to set up and maintain. This leads to lapses.
I am working on a personal project to build a custom security assessment/auditing distribution based on suse for the Institute for Security and Open Methodologies(ISECOM). Exploits and auditing resources are already introduced. It's time to start securing the system to ensure data and/or object integrity and confidentiality are not compromised due to local and/or remote subject access. I would like to obtain equivalent EAL4+ functionality, as well as close to B1 as possible.
What do you need RSBAC for? SuSE 10.1 comes standard with AppArmor, which is a pretty nifty system to keep server processes under control. However, it won't stop a rogue user. If that's what you're worried about, RSBAC or SELinux are what you want.
I am looking for a finer-grained control of subjects than is provided with AppArmor. Not to mention that AppArmor provides for access control at the application level and does not take into account other subjects such as individual processes, and the the root account. With RSBAC I can construct a system that can be implemented in a great multitude of access control models such as LaPadula, TPE and Role Compatability,. Plus a correct implementation of a security officer --- thus negating "root" exploits that may render a normal system compromised.
It's been my experience that very few systems these days offer shell accounts, so the vast majority of systems are more interested in locking down their server processes to prevent intrusion in the first place.
I don't believe there is a standard kit for RSBAC applied to SuSE, but I recall one being done for SELinux. If you're going to create a SuSE system with RSBAC, keep in mind that it might not react well to LSM (Linux Security Module) in SuSE's kernels. AppArmor and SELinux both hook to LSM, but I'm pretty sure RSBAC wrote their own system.
Yeah -- i figured some finagling(spelling?) with the hooks would be needed. Even though LSM provides for decision module "stacking"; it may prove to be troublesome. I have decided to provide for a multitude of kernels to accomodate the different access control frameworks. I may need to just go with a patched vanilla kernel for all frameworks. I'll have to look at the pros and cons of both.
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here