Tuesday, 13/September/2016

RSBAC 1.5.0 has been released for kernel 4.4.20. Please drop us a note if you need support for other kernel versions.

The most important changes since 1.4.9 are the port to longterm kernel 4.4 and the new feature “Prevent memory write and execute (RSBAC mprotect)” to prevent against process memory segments being both writable and executable. This new hardening feature made me choose a new middle version number.

The change lists are here: Kernel changes: http://www.rsbac.org/dl.php?file=code/1.5.0/changes-1.5.0.txt

Admin tools changes: http://www.rsbac.org/dl.php?file=code/1.5.0/admin-changes-1.5.0.txt

Please consider giving some feedback on the RSBAC mailing list.

Monday, 12/January/2015

RSBAC 1.4.9 has been released for kernels 3.14.28, 3.14.27, 3.12.35 and 3.10.64. Please drop us a note if you need support for other kernel versions.

Major changes since 1.4.8 are the ports to longterm kernels 3.12 and 3.14, enhancements in jails, signals and logging and a fix for a long standing race condition with Unix sockets.

The change lists are here: Kernel changes: http://www.rsbac.org/dl.php?file=code/1.4.9/changes-1.4.9.txt

Admin tools changes: http://www.rsbac.org/dl.php?file=code/1.4.9/admin-changes-1.4.9.txt

Have fun!

Thursday, 13/February/2014

RSBAC 1.4.8 has been released for kernel 3.10.29. Please drop us a note if you need support for other kernel versions.

Most important changes since 1.4.7:

• Remove PM module
• Add UDF module
• Various small fixes

The complete lists of changes are available here:

Kernel changes: http://www.rsbac.org/dl.php?file=code/1.4.8/changes-1.4.8.txt

Admin tools changes: http://www.rsbac.org/dl.php?file=code/1.4.8/admin-changes-1.4.8.txt

Have fun!

Thursday, 13/February/2014

Since PaX for the latest longterm kernel 3.10 has not been maintained by the official team for a while, we (m-privacy) have started providing updated patches as well as a git repository with RSBAC and PaX ourselves. You can find everything at https://git.m-privacy.de/

Please test and report, we are interested in your feedback!

Tuesday, 20/August/2013

RSBAC 1.4.7 has been released for kernels 3.10.7 and 3.2.50.

Most important changes since 1.4.6:

• Add optional MOVETO request with kernel config option: used when moving into a dir instead of old WRITE on DIR target.
• Support 32 Bit RSBAC userland under 64 Bit kernel

The complete lists of changes are available here:

Kernel changes: http://www.rsbac.org/dl.php?file=code/1.4.7/changes-1.4.7.txt

Admin tools changes: http://www.rsbac.org/dl.php?file=code/1.4.7/admin-changes-1.4.7.txt

Have fun!

Tuesday, 13/December/2011

RSBAC 1.4.6 has been released for the kernel 3.1.5.

Most important changes since 1.4.5:

• Add RSBAC syscalls and tools parameters to get and set UM password history size per user
• Security bugfix for sys_open() request types (see earlier post)
• Add rsbac_jail parameter -K for allow_netlink flag
• Add rsbac_usershow parameters to list users with shell or full name

The complete lists of changes are available here:

Kernel changes: http://www.rsbac.org/dl.php?file=code/1.4.6/changes-1.4.6.txt

Admin tools changes: http://www.rsbac.org/dl.php?file=code/1.4.6/admin-changes-1.4.6.txt

Have fun!

Friday, 12/Aug/2011

RSBAC has been successfully ported to Linux kernel 3.0, you find a new git repo at git.rsbac.org. Please test it and report so that we can make a new 3.0 based release soon.

Thursday, 14/Jul/2011

RSBAC has been successfully ported to 2.6.39.3, you find a new git repo at http://git.rsbac.org. Please test it and report so that we can make a new release soon.