RSBAC is a security extension for Linux kernels which uses rule sets to control access. It is available as free software.
Furthermore, there is a tiny possibility of logging user activity, making it difficult to detect malicious access. A system administrator's account, commonly known as "root," has full access to every system object, including network services, which can be started or run by it. As such, the root user can access files and directories leading to data compromise. To address these issues, Linux kernel systems currently use a privilege scheme that splits the root user's unique privileges into a set of singular rights called capabilities. The privileges provided to a process, depending on the parent process and executable run, can distinguish between some access types but, for the most part, are ignorant of the object to be accessed.
The RSBAC framework offers another solution to this problem. It provides detailed access control information that solves the issues referenced above, and administrators implementing RSBAC can almost implement any access control model they desire. For instance, the access control model can be made to register as a runtime kernel module, giving it even more flexibility. This framework's advantages also include a robust logging system that makes intrusion attempts easily detectable. Therefore, replacing the fixed access control model with RSBAC provides improved security and control of user activity while providing access to logs for security analysis.
Version 1.3.5: N/A