[ANNOUNCE] Umbrella-0.6 released

From: Kristian Sørensen
Date: Wed Mar 16 2005 - 07:43:40 EST

Next message: Alexander Gran: "Re: Fw: 2.6.11-rc5-mm1: reiser4 eating cpu time"
Previous message: linux-os: "Re: Bogus buffer length check in linux-2.6.11 read()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all!

---
Umbrella is a security mechanism that implements a combination of
Process-Based Access Control (PBAC) and authentication of binaries through
Digital Signed Binaries (DSB). The scheme is designed for Linux-based
consumer electronic devices ranging from mobile phones to settop boxes.

Umbrella is implemented on top of the Linux Security Modules (LSM) framework.
The PBAC scheme is enforced by a set of restrictions on each process. This
policy is distributed with a binary in form of execute restrictions (attached
in the binary) and within the program, where the developer has the
opportunity of making a "restricted fork" for setting restrictions for new
children.
---

We now present you with a new and cool version of Umbrella, namely
version 0.6. Besides fulfilling the roadmap of integration with GNU Privacy
Guard, the code has also been optimized and undertaken some major changes.

Followin is the main major changes:
- Complete integration with GNU Privacy Guard to authenticate binaries
- Hash tables for storing restrictions is replaced by the new, fast and
simple FSR data structure, that mimics the 'dentry' structs in the
kernel
- The Umbrella system call is eliminated and completely replaced by a
/proc filesystem interface
- The Umbrella code is now completely independent of all architectures
and kernel subversions

For instructions on how to try out the Process-Based Access Control and
Digitally Signed Binaries in Umbrella, please download the complete 0.6
tarball from SourceForge:
http://prdownloads.sourceforge.net/umbrella/umbrella-0.6.tar.bz2?download

Please refer to the README file in the tarball for further instructions.

As always we appreciate any comments, suggestions etc. you may have :-)

Enjoy,
The Umbrella Team.

--
Kristian Sørensen
- The Umbrella Project -- Security for Consumer Electronics
http://umbrella.sourceforge.net

E-mail: ipqw@xxxxxxxxxxxx, Phone: +45 29723816
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander Gran: "Re: Fw: 2.6.11-rc5-mm1: reiser4 eating cpu time"
Previous message: linux-os: "Re: Bogus buffer length check in linux-2.6.11 read()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]