![[ICO]](/icons/blank.gif){kind=icon}
![[PARENTDIR]](/icons/back.gif){kind=icon}
![[TXT]](/icons/text.gif){kind=icon}
![[ ]](/icons/unknown.gif){kind=icon}
| Name | Last modified | Size | Description |
|---|---|---|---|---|
| Parent Directory | - | ||
| INSTALL | 2004-10-17 20:54 | 1.5K | |
| INSTALL.html | 2004-10-17 21:12 | 1.6K | |
| README | 2005-11-18 12:23 | 4.7K | |
| README.html | 2004-10-17 20:54 | 4.7K | |
| README.scripts | 2004-10-17 20:56 | 3.1K | |
| README.scripts.docs | 2004-10-12 21:30 | 1.5K | |
| README.scripts.docs.html | 2004-10-17 21:08 | 1.5K | |
| README.scripts.html | 2004-10-17 21:08 | 3.3K | |
| kernel-2.6.7-rsbac_v1.2.3_bf7_pax_soft.i686.rpm | 2004-10-12 20:57 | 12M | |
| kernel-sourcecode-2.6.7-rsbac_v1.2.3_bf7_pax.noarch.rpm | 2004-10-12 20:41 | 43M | |
| rsbac-admin-1.2.3-bf7.fc2.03.i386.rpm | 2004-10-12 21:29 | 5.8M | |
| rsbac-scripts-0-fc2.05.noarch.rpm | 2004-10-17 20:55 | 20K | |
| rsbac-scripts-0-fc2.07.noarch.rpm | 2004-10-29 18:40 | 25K | |
| rsbac-scripts-0-fc2.10.noarch.rpm | 2004-11-16 13:34 | 27K | |
| rsbac-scripts-0-fc2.11.noarch.rpm | 2004-11-26 19:39 | 31K | |
my goal is to have some rpms of the kernel, tools and configuration scripts for the Fedora Core distributions.
The starting point is Fedora Core 2 with a very limited support, just being able to boot and run the very basic services. At the moment it could be useful for a server running a single service like email or web-server. Workstation support will come much later.
Due to the generic setup I am not aiming at maximum security (whatever that could mean, probably nothing) but just a "better than without". So do not expect strict setup.
If everything goes well, these could become an alternative kernel and security contest to the one developed by RedHat.
I have divided the lot in the following rpm packages:
If you want to install the binaries you need 3 and 1 (1 and 4 depend on 3), 4 is optional, you can try it and help me build better scripts.
At the moment the rpms are in a "IT WORKS FOR ME" state, hopefully they blend without problems with RedHat ones (see the INSTALL file for notes about installation).
The rsbac-scripts are ALPHA code, please help to debug and to write them.
Due to limited resources, only i686 kernels and x86 rsbac-admin are provided, hopefully if things go well we'll be able to provide more binary support. Moreover, no guarantee of fast action can be given, we'll try to follow both RSBAC and Fedora development at a "reasonable" pace.
No src.rpm are provided, indeed it looks a little bit silly for the following reasons: for the kernel is provided a kernel-sourcecode package, for rsbac-admin just download the tar.bz2 file, and the rsbac-scripts are bash scripts for which the source is the code.
For the time being the kernel is compiled from the pre-patched kernel from RSBAC; hopefully at some point it will become possible to patch the Fedora kernel, but at the moment the speed of release of new kernels from Fedora and the difficulty of merging all patches prevents even to attempt this.
At the moment the only way to boot is in SOFTMODE and switch to secure mode later on, this can be done automatically with the scripts. To shutdown or reboot you can do it also in secure mode, but it will complain about not been able to umount some partitions even if it will do it at the end. Not to have problems, first switch to softmode and then do the shutdown.
(c) 2002-2004 Andrea Pasquinucci on the work done by me. All rights reserved.
All lefts may or may not be reversed at my discretion on my work.
Software is under GPLv2 as usual being the Linux kernel and Amon Ott RSBAC patch and admin tools.
My contribution is packaging and creating the scripts in the rsbac-scripts rpm under the same license.
Documentation is under the CreativeCommons Attribution-ShareAlike 2.0 license that can be found at http://creativecommons.org/licenses/by-sa/2.0/
A note on signatures on the rpm. I remind you that a signature just identifies the private key with which the signature has been done. You have no way of knowing who has done the signature, even less who has written the code. Anybody can create a PGP/GPG key writing my name in it, and you do not know who can have a copy of any private key I use. So it is up to you to give any meaning to the signature of an rpm package, but for sure it does _not_ implies any guarantee from me or anybody else.
If you feel unsure about install something since you do not know who has written it and how (are there backdoors or something else?), well you are better writing your own Operating System and applications, that's the only way.
This software is provided "as is" with no warranties whatsoever, expressed or implied. Any risk, damage or responsability of any possible kind in using this software is on you.
The public PGP key used to sign the packages is at
http://www.ucci.it/ucci_pub_key.asc
fingerprint = 569B 37F6 45A4 1A17 E06F CCBB CB51 2983 6494 0DA2
Andrea Pasquinucci, cesare-AT-ucci.it