On Tue Jan 15, 2002 at 08:27:12PM -0500, Yura Gusev wrote:

> > I see that vincent got an very interesting answer to his LIDS article:
> >
> > http://mandrakeforum.com/article.php?thold=0&mode=nested&order=0&sid=1555&lang=en
> >
> > Anyone user the RSBACS, and knows more about it?
>
> I know that ALTLinux and Kaladix are working on their own
> distributions(Castle and Kaladix Linux) and they use RSBACS
> on server for defence. It looks like RSBACS is more proven
> and secure. I think you should also you RSBACS, this way user
> will have access to more examples and documentation.

I plan on taking a look into RSBACS as soon as I do some digging into
Grsecurity (I think that's what it's called) which is the patch we're
using in our secure kernel in cooker now. Once I can/have evaluated
Grsecurity, I can better determine what is the best for Mandrake.

Chmouel has indicated that the ACL protection in Grsecurity (the
oblivion system) is not being used in our kernels. (oblivion is like
LIDS). I am interested to see how RSBACS compares to the two since it
is also an ACL-based system.

I've done more kernel mucking in these last 6 months than in my entire
time of using Linux... I guess there's no reason to stop now... =)

-- 
MandrakeSoft Security, OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD
Current Linux kernel 2.4.8-34.1mdk uptime: 4 days 5 hours 56 minutes.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org

iD8DBQE8ROLhIEPQ5f5vKv0RApHYAKC26dyag3dESPlxNG68+dDW+7b1OQCgx9oo aQE1K2AnW+abcLm66tiFWdQ= =bLBM -----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]