1 |
Hi everyone, |
2 |
|
3 |
A long time ago, Gentoo used to provide RSBAC sources. For those of you |
4 |
unfamiliar with RSBAC = rules set based access control, it provides |
5 |
hardening similar to grsec. See their web page at: |
6 |
|
7 |
https://www.rsbac.org |
8 |
|
9 |
These patches were eventually removed because of waning activity, but |
10 |
recently Amon Ott and his team started working on RSBAC and there has |
11 |
been renewed interest within the community. You can see their activity |
12 |
on their repos: |
13 |
|
14 |
http://git.rsbac.org/cgi-bin/gitweb.cgi |
15 |
|
16 |
So, I put the rsbac admin tool and kernel sources on my overlay and |
17 |
Issiah Hill started testing them. I think we've progressed to the point |
18 |
where we can reintroduce those kernel sources back into the gentoo tree, |
19 |
so I did. |
20 |
|
21 |
The new packages are |
22 |
|
23 |
1) sys-kernel/rsbac-sources = vanilla linux 3.1.5 + genpatches + rsbac |
24 |
patches. They do NOT at present contain the pax patches, but will in |
25 |
the next rev bump. |
26 |
|
27 |
2) sys-apps/rsbac-admin = the admin tool for rsbac |
28 |
|
29 |
At this point, everything is experimental and I would not recommend them |
30 |
for a production server. But they are there now for testing and |
31 |
hopefully full stabilization. I welcome feedback from both our users |
32 |
and the RSBAC team. |
33 |
|
34 |
-- |
35 |
Anthony G. Basile, Ph.D. |
36 |
Gentoo Linux Developer [Hardened] |
37 |
E-Mail : blueness@g.o |
38 |
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535 |
39 |
GnuPG ID : D0455535 |