todo
=>  Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

RSBAC Progression and Roadmap

This page reflects our current work queue - if you miss anything here, it will probably not happen. Please discuss any wishes on the RSBAC mailing list at rsbac@rsbac.org or open a bug. The RSBAC development team.

Planned for the next release 1.5

  • CAP learning mode for single programs. (possibly 1.4 feature)
  • Persistent transactions, preserved between reboots.
  • RC learning mode - per role, with object types already set before learning. Learn only access rights. Use transactions for saving learning informations. Compare policy before and after learning.
  • Per-target log settings for USER, GROUP, SCD, using log_array_low and log_array_high like for FD, DEV, NETOBJ.
  • Real model driven logging model - extend the decision return code to also signal whether this module requests logging. Still, we could use the object based logging rules for other targets than FD, DEV and NETOBJ. Note that these rules can also suppress logging - the decision extension could only request logging. (make possible to implement all audit policies in official and bussines use)
  • JAIL FD attributes and templates to force a jail on a program in the moment it is executed. Use new attribute for it and templates for jail policy storage. (michal)
  • Replace the Dazuko interface with an RSBAC interface, compatible with Dazuko/Fazuko registration/scanning. Use RSBAC caching/attributes instead of path based Dazuko's pass. (will ignore include/exclude path settings inside the scanner). This will result in faster scanning and more consistent attributes (attributes already there)
  • Add more REG modules as examples yet ready for production use - most important seclvl. (michal)
  • Include patches for standard system tools like ps,top,ls.
  • (maybe - michal) Implement RSBAC in Xen hypervisor for inter-domain access control. There is actualy less to be done than for linux - not so many requests and interceptions. That would allow RSBAC to control how Xen domains can communicate with each other, possibly securing virtual machines against unknown vulnerabilities in Xen (that would normaly allow guests to break out from Xen and reach physical machine).
  • Wrappers for rpm and dpkg to backup and restore attributes on package updates.

After 1.5

  • New rsbac_um_menu for UM administration
  • User Management option to automatically create user pseudos when adding a user.
  • Show difference between two RC roles.
  • Allow IP list in jail, not just one IP. (michal)
  • Per RC role and type ADF debug mode
  • ACL learning mode for RC roles and other target types.
  • Tool to see all RSBAC managed properties applied to one object.
  • Solution for rsbac_list_get_all_* with very long lists (>100000 entries), e.g. allow to specify an offset.

Planned for possible future inclusion

  • Automatic secure and reliable list replication to other RSBAC systems.
  • Get Xen working with RSBAC. Add SCD:xen control for xen administration.
  • Pseudonymic remote IP addresses: When process asks for peer address, return a pseudonymic address, if enabled both for program and matching template. Provide same functionality for firewall and RSBAC logs. Useful for privacy conforming logs. Pseudonyms per byte, forward and reverse lookup tables for values.
  • Avoid request no module stated any interest in. Use a request_vector_t to store and a simple inline function to perform the check. Fill vector automatically from DO_NOT_CARE results. Problem with logging, though. Does not work with RC and ACL, because they always check all requests, so maybe per-module.
  • New rsbac_ipc_menu in admin tools for IPC administration
  • AUTH daemon for backwards compatible and network based authentication enforcement.
  • ACLs for ACL groups.
  • Programs as ACL subjects, e.g. assign ACL program IDs to program files and use them in ACL entries.
  • Full support for IPv6 in Network Templates and network/firewall administration.
  • IPv6 support in JAIL module.
  • ACL support in Samba.
  • Object history list in rsbac_fd_menus.
  • Mount options rc_type_fd=<n> (might be others if necessary) to override fd rc types on mounted fs. We need to make sure it is secure, maybe with secoff involved in decision.
  • RC ttl setting in menues (already displayed, but setting is a bit tricky).

Planned once we finished building a human cloning machine

  • RBAC model as runtime registration module. (1.5?)
  • SELinux model as runtime registration module. (1.5?)
  • Helper script to load existing SELinux configs into the SELinux module.
  • Make ACL learning mode be triggered by user and/or role.
  • Backup optimization with per-directory reference counters, if counter == 0, skip full tree.
  • (Maybe) Exclude option in backup, maybe with regular expressions.
  • Replace values for ttl'd data, to be used after timeout.
  • Really delete lists on rsbac_list_destroy().
  • (Maybe) make AUTH cap ranges (first-from-uid, last-from-uid, first-to-uid, last-to-uid), so you can have different sets depending on the current uid.
  • Optional RC role and type hierarchy for easier organization.
  • (Maybe) add jail flags and IP FD attributes to force a jail for a program without chroot.
  • More sophisticated resource control scheme.
  • Support more network address families in templates.
  • Support more network address families with NETDEV and SCD/network/firewall.
  • PM overhaul and menues.
  • (maybe) Install trace mode with automatic attribute restore (for software updates).
  • More learning modes etc., e.g. with automatic setup script generation.
  • (maybe) Attribute set undo log in menues.
  • (maybe) Attribute get log in menues.
  • Use namespaces for symlink redirection, if suitable.

(see http://marc.theaimsgroup.com/?l=linux-kernel&m=112689584917417&w=2)

  • Review and maybe use XACE xorg's security extensions
  • Everlasting: Improve documentation - there are man pages, concept and detail descriptions, how-tos, examples and other stuff missing (volunteers?)
  • Extend learning modes for automatic setup generation. AUTH learning finished in 1.2.3, simple global ACL learning, too.

See also: Bugtracker

//
todo.txt · Last modified: 2011/08/11 12:21 by 127.0.0.1

todo.txt · Last modified: 2011/08/11 12:21 by 127.0.0.1
This website is kindly hosted by m-privacy