Projects / Rule Set Based Access Control

Rule Set Based Access Control

Rule Set Based Access Control (RSBAC) is a Free Software security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.

Tags
Licenses

Recent releases

  •  15 May 2009 08:41

    Release Notes: This release is for Linux kernel 2.6.29.2. A significant speedup and even better SMP scalability are expected from the new RCU based list locking. The most important changes since 1.3.5 are the addition of VUM (Virtual User Management) support, OTP support for UM, support of ANY for NETLINK control, checking of CLOSE requests in RC, the addition of SCD target videomem and kernel attribute pagenr, ext4 secure delete support, and many small bugfixes too. Generic lists were changed to use RCU instead of rw spinlocks.

    •  19 Feb 2008 13:47

      Release Notes: This release works both for Linux kernel version 2.4.36 and version 2.6.23.15. It now supports secure delete on XFS and JFS, and the new kernel parameter rsbac_list_recover allows you to register lists even if reading from disk fails. Minor feature enhancements and bugfixes were made.

      •  29 Nov 2007 16:29

        Release Notes: This version includes all the bugfixes from version 1.3.6, as well as the new virtual user management feature. This feature lets you have many virtual user sets in your system. As an example, you can start your mail server in a different set, and the users you're getting mail to will not be any of the system users. Likewise, your jails can be started in a different set so that the users in that jail will never be the same ones as the real system users.

        •  20 Jul 2007 11:53

          Release Notes: This release relates to kernel 2.4.34.5 and 2.6.22.1. There are important fixes with some compilation errors and an important bug with User Management password hashing, introduced with the newer 2.6 kernel crypto API. Some security has been added with safety measures against null pointers.

          •  06 Jun 2007 12:39

            Release Notes: The changes for this release were fixes in the administration tools package for attribute backup and library paths, plus some minor bugfixes. No changes were made in rsbac-common.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.