ASL Security Model

From Atomicorp Wiki
Revision as of 11:47, 23 June 2007 by Scott (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Security In Depth

ASL is a similar design to PSA, its reconfiguring the packages underneath, like mod_security, ossec, the kernel, etc, based on your security model. Granted I'm bundling those rpms as well, but theres nothing to stop you from taking them apart to tinker.

I dont spend a lot of time down in the weeds on the specific packages installed on the system as a security control. In years gone by that was the security model used when there werent any better alternatives. SELinux, and GRSecurity being two of the bigger ones to change that security model with what is called Role Based Access Control (RBAC). With an RBAC system you could have gcc, perl modules, etc installed on the system, and block access to them even by the root user. In practice, its like password protecting applications.

Personal tools