[Dazuko-devel] 2.0.2-pre2 with RSBAC support posted

[John Ogness]

Hi,

A new pre-release has been posted, which includes support for RSBAC. 
Amon and I still have a few more features we want to integrate in order 
to optimize performance, but the basic functionality is complete. RSBAC 
provides an advanced control framework for the Linux kernel and I would 
like to dedicate a part of the Dazuko website to helping people set up 
and configure it on their systems. This would provide a much faster and 
more secure Dazuko-based environment.

This pre-release also includes the Linux 2.2 and 1.x compatible mode 
fixes that I mentioned in my previous post.

In this message I have attached the email sent out by Amon Ott to the 
RSBAC mailing list. This is Dazuko's first official alliance with 
another open source project and I find it very exciting. I hope the 
future will bring more alliances to help improve Dazuko as well as 
promote more secure, compatible, and flexible operating systems.

John Ogness


-------- Original Message --------
Subject: Dazuko for RSBAC
Date: Thu, 15 Apr 2004 09:47:53 +0200
From: Amon Ott <address@hidden>
Organization: RSBAC
To: RSBAC Discussion and Announcements <address@hidden>

Hello everybody!

Thanks to John Ogness, the Dazuko author, we now have improved Linux
on-access scanning within the RSBAC framework. The Dazuko interface is
supported by many Antivirus vendors, and several others have stated that
they are working on its support.

The only critics I read against Dazuko so far have been that
- it hooked into the system call table (for 2.2 and 2.4 kernels) or used
LSM (2.6, see http://rsbac.org/lsm.htm)
- its interface and the scanners could not be protected against misuse by
root processes.

The first item is solved by using RSBAC REG, the second by using the other
RSBAC modules to protect the Dazuko device.

Dazuko for RSBAC is implemented as a REG module for runtime registration.
To get it running on the current RSBAC releases 1.2.2 and 1.2.3-pre4, you
need a small RSBAC patch, which will be included in 1.2.3-pre5 and which
is already in the rsync code of 1.2.3-pre.
We will soon add fast result caching (using RSBAC generic lists) and
integrate Dazuko as a fixed RSBAC module.

Please configure Dazuko with
./configure --enable-rsbac

Copy of the latest Dazuko CVS version:
http://rsbac.org/pre/dazuko-cvs20040409.tar.gz

Patch for RSBAC:
http://rsbac.org/pre/rsbac_get_full_path_length.patch

Dazuko Homepage:
http://www.dazuko.org/

Amon.