Comment Re:UNIX security is hopeless. (Score 1) 125
Sounds like you want RSBAC: http://www.rsbac.de/rsbac/
From the overview:
"What is RSBAC?
RSBAC is a security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules.
All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions."
From the overview:
"What is RSBAC?
RSBAC is a security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules.
All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions."
