LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: November 21st, 2014
Linux Security Week: November 17th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Announce: RSBAC v1.2.0 released Print E-mail
User Rating:      How can I rate this item?
Source: RSBAC Project - Posted by Dave Wreski   
Security Projects RSBAC is a flexible, powerful and fast open source access control framework for current Linux kernels, which has been in stable production use since January 2000 (version 1.0.9a). All development is independent of governments and big companies, and no existing access . . .
From: Amon Ott To: RSBAC List Subject: Announce: RSBAC v1.2.0 released
Hi!

Rule Set Based Access Control (RSBAC) version 1.2.0 has been released.Full information and downloads are available from http://www.rsbac.org

RSBAC is a flexible, powerful and fast open source access control frameworkfor current Linux kernels, which has been in stable production use sinceJanuary 2000 (version 1.0.9a). All development is independent of governmentsand big companies, and no existing access control code has been reused.

This version comes with many new features, e.g.:

  • Network Device (NETDEV) targets (for configuration and raw access)
  • Real template based network access control with Network Object (Socket) templates (NETTEMP) and targets (NETOBJ) and new request types BIND, CONNECT, etc.
  • CAP module with min and max Linux Capabilities for users and programs
  • Network and firewall config protection as new SCD targets
  • Unlimited roles and types in Role Compatibility (RC) model
  • Separate request type MAP_EXEC for library mapping (used to be EXECUTE, too)
  • User ID and RC role based symlink redirection support
  • Lifetime limits for many RC and ACL settings, like access rights and group memberships

Amon Ott.

Brief Description

Name:          rsbacVersion:       1.2.0Kernelver:     2.2.20, 2.4.18Status:        9 (UP), 8 (SMP)Author:        Amon Ott Maintainer:    Amon Ott Description:   Rule Set Based Access Control (RSBAC)Date:          28-May-2002Descfile-URL:  http://www.rsbac.org/rsbac.descDownload-URL:  http://www.rsbac.org/download.htmHomepage-URL:  http://www.rsbac.org/Manual-URL:    http://www.rsbac.org/instadm.htm

What is RSBAC?

Name:          rsbacVersion:       1.2.0Kernelver:     2.2.20, 2.4.18Status:        9 (UP), 8 (SMP)Author:        Amon Ott Maintainer:    Amon Ott Description:   Rule Set Based Access Control (RSBAC)Date:          28-May-2002Descfile-URL:  http://www.rsbac.org/rsbac.descDownload-URL:  http://www.rsbac.org/download.htmHomepage-URL:  http://www.rsbac.org/Manual-URL:    http://www.rsbac.org/instadm.htm

Key features

  • Open Source (GPL)
  • Independent of governments and big companies
  • Several well-known and new security models, e.g. MAC, ACL and RC
  • Control over individual user and program network accesses
  • Any combination of models possible
  • Easily extensible: write your own model for runtime registration
  • Support for current kernels
  • Stable for production use
RSBAC is a flexible, powerful and fast open source access control frameworkfor current Linux kernels, which has been in stable production use sinceJanuary 2000 (version 1.0.9a). All development is independent of governmentsand big companies, and no existing access control code has been reused.

The standard package includes a range of access control models like MAC, RC,ACL (see below). Furthermore, the runtime registration facility (REG) makesit easy to implement your own access control model as a kernel module andget it registered at runtime.

The RSBAC framework is based on the Generalized Framework for Access Control(GFAC) by Abrams and LaPadula. All security relevant system calls areextended by security enforcement code. This code calls the central decisioncomponent, which in turn calls all active decision modules and generates acombined decision. This decision is then enforced by the system callextensions.

Decisions are based on the type of access (request type), the access targetand on the values of attributes attached to the subject calling and to thetarget to be accessed. Additional independent attributes can be used byindividual modules, e.g. the privacy module (PM). All attributes are storedin fully protected directories, one on each mounted device. Thus changes toattributes require special system calls provided.

From version 1.2.0, all types of network accesses can be controlledindividually for all users and programs. This gives you full control overtheir network behaviour and makes unintended network accesses easier toprevent and detect.

As all types of access decisions are based on general decision requests,many different security policies can be implemented as a decision module.Apart from the builtin models shown below, the optional Module Registration(REG) allows for registration of additional, individual decision modules atruntime.

In the RSBAC version 1.2.0, the following modules are included. Please notethat all modules are optional. They are described in detail in an extratext.

  • MAC: Bell-LaPadula Mandatory Access Control (compartments limited to a number of 64)

  • FC: Functional Control. A simple role based model, restricting access to security information to security officers and access to system information to administrators.

  • SIM: Security Information Modification. Only security administrators are allowed to modify data labeled as security information

  • PM: Privacy Model. Simone Fischer-Hübner's Privacy Model in its first implementation. See our paper on PM implementation (43K) for the National Information Systems Security Conference (NISSC 98)

  • MS: Malware Scan. Scan all files for malware on execution (optionally on all file read accesses or on all TCP/UDP read accesses), deny access if infected. Currently the Linux viruses Bliss.A and Bliss.B and a handfull of others are detected. See our paper on Approaches to Integrated Malware Detection and Avoidance (34K) for The Third Nordic Workshop on Secure IT Systems (Nordsec'98)

  • FF: File Flags. Provide and use flags for dirs and files, currently execute_only (files), read_only (files and dirs), search_only (dirs), secure_delete (files), no_execute (files), add_inherited (files and dirs), no_rename_or_delete(files and dirs, no inheritance) and append_only (files). Only FF security officers may modify these flags.

  • RC: Role Compatibility. Defines roles and types for each target type (file, dir, dev, ipc, scd, process etc.). For each role, compatibility to all types and to other roles can be set individually and with request granularity. For administration there is a fine grained separation-of-duty. Granted rights can also have a time limit.

  • AUTH: Authorization enforcement. Controls all CHANGE_OWNER requests for process targets, only programs/processes with general setuid allowance and those with a capability for the target user ID may setuid. Capabilities can be controlled by other programs/processes, e.g. authentication daemons.

  • ACL: Access Control Lists. For every object there is an Access Control List, defining which subjects may access this object with which request types. Subjects can be of type user, RC role and ACL group. Objects are grouped by their target type, but have individual ACLs. If there is no ACL entry for a subject at an object, rights are inherited from parent objects, restricted by an inheritance mask. Direct (user) and indirect (role, group) rights are accumulated. For each object type there is a default ACL on top of the normal hierarchy. Group management has been added in version 1.0.9a. Granted rights and group memberships can have a time limit.

  • CAP: Linux Capabilities (new in 1.2.0). For all users and programs you can define a minimum and a maximum Linux capability set ("set of root special rights"). This lets you e.g. run server programs as normal user, or restrict rights of root programs in the standard Linux way.

A general goal of RSBAC design has been to some day reach (obsolete) OrangeBook (TCSEC) B1 level. Now it is mostly targeting to be useful as secure andmulti-purposed networked system, with special interest in firewalls.

Amon Ott <ao@rsbac.org>

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Google Removes SSLv3 Fallback Support From Chrome
Hacker Lexicon: What Is End-to-End Encryption?
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.