Releases
Stable: 1.4.4
kernel:
- 2.6.33+
Full RSBAC kernels
Lazy of patching ?
Get the already rsbac-patched kernel. Choose your flavor.
Classic kernels
Includes vanilla kernel with the RSBAC patch
- 2.6.33
Enhanced kernels
PaX+RSBAC kernels
- 2.6.33 (20100421)
Debian repository
Also works for Ubuntu and other Debian-based distributions, of course
GIT
Cutting edge RSBAC source code, can be unstable sometimes
Kernel | Tools
Events
No events planned
Documentation
Manpages for RSBAC binaries
Virtuelle Machine on RSBAC-System
This article describes how to run a VM on a host which has RSBAC + PaX enabled.
My choice is KVM, because it is the easiest to use and already included in the mainline kernel. It performs so well that you can work on the guest system without even noticing that it is a VM.
Prepear the hostsystem
To get more security than basic the distributions offers
- Install gentoo-hardened
- Run the guest process as an unpriviliged user (see HowTo)
- Setup rsbac_jail to start kvm-guest (see kvm guest jail)
RSBAC-Jail
run-jail is a script wich allow us to setup the rsbac-jail with a configurationfile.
This is the documentation site for rsbac_jail
RC Setup
New Age for RC
Since the rsbac have now the possibility to use learning mechanisms, it is now quite easy to use this module. It can be quite useful even on a desktop system. More details soon. (31.01.2010)
Test Setup for using the RC Module.
This setup is now deprecated (25.02.2010)
- Setup for login (local and remote examples)
- Setup for webserver (apache2 as exemple)
It can be generated with
rc_get_item -v -p htmlprint > rc_03.05.2009.html
A nice overview