Re: SE Linux vs. RSBAC (was Re: have I been rooted?)
As this issue is of wider interest I'll BCC you and reply to the debian-user
On Fri, 21 Mar 2003 23:48, you wrote:
> On March 21, 2003 05:27 am, Russell Coker wrote:
> > If you install SE Linux then you get much better control over your
> > system. When Apache can't even see other processes or write to /tmp it
> > makes such exploits much more difficult.
> Are you still maintaining the SE Linux packages, is it possible to install
> an SE Linux Woody system?
I am maintaining packages for Debian/Unstable, Brian is maintaining packages
At the sourceforge web site go to the "Docs" link and the first document
explains how to install SE Linux on Debian.
> Have you heard of the Trusted Debian project
> (http://www.trusteddebian.org/) and RSBAC? If you have compared them, I'd
> be interested in your comments.
The "Trusted Debian" project is based on RSBAC which is not as widely
supported as SE Linux. Also it is based around the idea of re-packaging all
Debian software which is a huge amount of work. I currently maintain 21
Debian packages for SE Linux which is more than enough work, maintaining a
fork of all the base packages would be a huge amount of work.
I doubt that the Trusted Debian people will be able to keep up with the range
of packages that you will want to use.
Also there seems to be no information on who makes this "Trusted Debian". The
mailing list archives are broken links and there is no public information on
who is behind the project.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page