Linux trustees 3.0 review
DownloadThe main goal of the Linux Trustees project is to create an advanced permission management system for Linux
|
|
The main goal of the Linux Trustees project is to create an advanced permission management system for Linux. The solution proposed is mainly inspired by the approach taken by Novell Netware and the Java security API.
Special objects (called trustees) can be bound to every file or directory. The trustee object can be used to ensure that access to a file, directory, or directory with subdirectories is granted (or denied) to a certain user or group (or all except user or group).
Trustees are like POSIX ACLs, but trustee objects can affect entire subdirectory trees, while ACLs a single file. Trustees works with the 2.6 Linux kernel.
Requirements:
A 2.6 Linux Kernel with source
The standard GNU compiling tools (gcc, make, etc.) (If you can compile a linux kernel, you're good)
Instalation
The kernel module
The included module can be compiled for any 2.6.x kernel. CONFIG_SECURITY, however, must be compiled in. Assuming this is so, simply enter the module/ directory and type
make install
For non-typical situations, the makefile may not be able to find your kernel source directory. If you have problems, try compiling with
make KDIR=/path/to/src/linux-2.6.x install
The settrustees tool
Simple enter the src/ directory and type make. This will build the settrustees tool.
What's New in This Release:
Updated makefile to compile correctly on 2.6.12 and newer and to more closely emulate what is needed to build as part of the kernel tree.
Fixed calculation of buffer size that could result in memory corruption.
This release is considered stable as the svn trunk will be reverting to massively unstable as considerable code reorganizations are done in an attempt to fix up several problems with trustees when dealing with hard-linked files and to bring the code completely up to standards on the 2.6 kernel.
Linux trustees 3.0 keywords