RSBAC Handbook Releases
Stable: 1.4.3
kernel:
- 2.6.31+
Full RSBAC kernels
Lazy of patching ?
Get the already rsbac-patched kernel. Choose your flavor.
Classic kernels
Includes vanilla kernel with the RSBAC patch
- 2.6.31
Enhanced kernels
PaX+RSBAC kernels
- 2.6.31 (20091127)
Debian repository
Also works for Ubuntu and other Debian-based distributions, of course
GIT
Cutting edge RSBAC source code, can be unstable sometimes
Events
No events planned
Acronyms
There are many, many different acronyms in projects such as RSBAC. This page lists the most important ones, directly or not directly related to RSBAC
Note that you often have acronyms underlined in the website. By moving your mouse cursor over them, you can get a direct description.
General
| Acronym | Meaning | Description |
|---|---|---|
| RSBAC | Rule Set Based Access Control | Free open source access control solution :) |
| REG | Registration Facility | Allows easy registration of new modules/plug-ins for RSBAC. |
| AEF | Access control Enforcement Facility | RSBAC‘s part of the framework enforcing the access control decision. (allow, deny, etc.) |
| ADF | Access control Decision Facility | RSBAC‘s part of the framework deciding about every access, includes all decision modules. |
| SO | Security Officer | Sometimes secoff, the user usually taking care of the security attributes. |
| DAC | Discretionary Access Control | Usually default Linux’s access control, leave the access right control at the discretion of the user. |
| ACI | Access Control Information | Target related meta data like attributes and other meta data like role definitions. |
| ACC | Access Control Context | Decision relevant context data from the kernel environment. |
| ACE | Access Control Entry | Attribute storing the ACI. |
Modules
| Acronym | Meaning | Description |
|---|---|---|
| AUTH | Authenticated User | Controls user authentification, user id changes. |
| UM | User Management | In kernel user management. Replaces traditional shadow-based passwords. |
| RC | Role Compatibility | Put subjects into roles, with access to only certain types. Very powerfull. |
| ACL | Access Control List | Lists of simple access control information rights, per subject. |
| MAC | Mandatory Access Control (Bell-LaPadula) | Enforces access contol per immutable security level. |
| PAX | Protection Against eXecution, or PAge Exec | Various memory protections, NX emulation, address space randomisation. |
| DAZ | Dazuko | Antivirus interface for RSBAC, using Dazuko. |
| CAP | Linux Capabilities | Control Linux’s Posix Capabilities implementation (net raw, dac override, etc.). |
| JAIL | Jail:) | Confines subjects into an hermetic jail, like an improved chroot. |
| RES | Resources | Control Linux’s resource limits (CPU time per user, etc.). |
| FF | File Flags | Simple attribute flags per file/directory. |
| PM | Privacy Module | Takes care of user’s privacy, and private data. |