documentation:features
=>  Releases

Current version
Git/Latestdiff: 1.5.6

Latest Snapshots
Produced after each commit or rebase to new upstream version

GIT
RSBAC source code, can be unstable sometimes

=>  Events

No events planned

RSBAC Features

This document list the features provided by RSBAC. In other words, this is what you get by running a RSBAC kernel.

Currently non ordered, non complete list

  • Read-only mode (no attribute writing, for testing)
  • Transactions support (policy changes can be made atomically)
  • Generic list based attributes (objects attributes from all models are stored into hashed, generic lists)
  • In kernel user management (no more /etc/passwd)
  • Network control support
  • Pseudonymous logging (for privacy concerns)
  • Extensive logging capabilities
  • Symlink redirection (symlinks can redirect to another location by role, by uid, by security level or by remote address)
  • Can disable Linux DAC (be sure to convert them with provided tool to RSBAC ACL first)
  • Secure delete (mandatory secure deletion per file, directory or whole filesystem)
  • Hide processes easily with a kernel option
  • Freeze mode (no RSBAC setting can be changed until reboot)
  • Softmode (RSBAC running in non-enforcing mode, can be disabled per single boot)
  • X11 Support
  • Inherited attributes (easy administration)
  • Fast, low overhead solution
  • TTL, define certain accesses at certain dates/time only

You can find more information about modules by reading the security models document.

  • Registration modules (security models can be easily added this way)
  • AUTH module (checks everything about user authentication)
  • RC module (Role based model)
  • ACL module
  • MAC module
  • PaX support
  • Dazuko antivirus interface, with caching
  • CAP module (Linux capacities control)
  • JAIL module (seamless, secure chroot, a simple rsbac_jail <opts> program will do it!)
  • RES module (Linux system resources control)
  • FF module (Special RSBAC attributes)
  • PM module (Privacy Module)
//
documentation/features.txt · Last modified: 2007/05/27 10:49 by 127.0.0.1

documentation/features.txt · Last modified: 2007/05/27 10:49 by 127.0.0.1
This website is kindly hosted by m-privacy