| 1 |
Hi everyone, |
| 2 |
|
| 3 |
A long time ago, Gentoo used to provide RSBAC sources. For those of you |
| 4 |
unfamiliar with RSBAC = rules set based access control, it provides |
| 5 |
hardening similar to grsec. See their web page at: |
| 6 |
|
| 7 |
https://www.rsbac.org |
| 8 |
|
| 9 |
These patches were eventually removed because of waning activity, but |
| 10 |
recently Amon Ott and his team started working on RSBAC and there has |
| 11 |
been renewed interest within the community. You can see their activity |
| 12 |
on their repos: |
| 13 |
|
| 14 |
http://git.rsbac.org/cgi-bin/gitweb.cgi |
| 15 |
|
| 16 |
So, I put the rsbac admin tool and kernel sources on my overlay and |
| 17 |
Issiah Hill started testing them. I think we've progressed to the point |
| 18 |
where we can reintroduce those kernel sources back into the gentoo tree, |
| 19 |
so I did. |
| 20 |
|
| 21 |
The new packages are |
| 22 |
|
| 23 |
1) sys-kernel/rsbac-sources = vanilla linux 3.1.5 + genpatches + rsbac |
| 24 |
patches. They do NOT at present contain the pax patches, but will in |
| 25 |
the next rev bump. |
| 26 |
|
| 27 |
2) sys-apps/rsbac-admin = the admin tool for rsbac |
| 28 |
|
| 29 |
At this point, everything is experimental and I would not recommend them |
| 30 |
for a production server. But they are there now for testing and |
| 31 |
hopefully full stabilization. I welcome feedback from both our users |
| 32 |
and the RSBAC team. |
| 33 |
|
| 34 |
-- |
| 35 |
Anthony G. Basile, Ph.D. |
| 36 |
Gentoo Linux Developer [Hardened] |
| 37 |
E-Mail : blueness@g.o |
| 38 |
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535 |
| 39 |
GnuPG ID : D0455535 |
Archives