Releases
Stable: 1.4.4
kernel:
Full RSBAC kernels
Lazy of patching ?
Get the already rsbac-patched kernel. Choose your flavor.
Classic kernels
Includes vanilla kernel with the RSBAC patch
Enhanced kernels
PaX+RSBAC kernels
Debian repository
Also works for Ubuntu and other Debian-based distributions, of course
GIT
Cutting edge RSBAC source code, can be unstable sometimes
Kernel | Tools
Events
No events planned
This article describes how to run a VM on a host which has RSBAC + PaX enabled.
My choice is KVM, because it is the easiest to use and already included in the mainline kernel. It performs so well that you can work on the guest system without even noticing that it is a VM.
To get more security than basic the distributions offers
run-jail is a script wich allow us to setup the rsbac-jail with a configurationfile.
This is the documentation site for rsbac_jail
Since the rsbac have now the possibility to use learning mechanisms, it is now quite easy to use this module. It can be quite useful even on a desktop system. More details soon. (31.01.2010)
This setup is now deprecated (25.02.2010)
It can be generated with
rc_get_item -v -p htmlprint > rc_03.05.2009.html
A nice overview