Quote:
Originally Posted by gustav3000
Hey! What do you think about RSBAC project? I see on https://www.rsbac.org/ that there's version for kernel 5.10 and it seems like that project is actively developed. Is it a good alternative for apparmor, SELinux, and grsec?
|
grsec is commercial product now
I did use RSBAC in the past (few years ago) and I liked it. Apparmor and SELinux are part of standard kernel now but you need to configure it obviously. TOMOYO is another option (enable in custom kernel).
Since grsec is commercial now, I am using this:
https://github.com/anthraxx/linux-hardened/releases
maintained by Arch Linux kernel developer. You can combine it with Apparmor or SELinux or TOMOYO.
What you get as a final product is really up to you.
This tool
https://github.com/a13xp0p0v/kconfig-hardened-check
(maintained by someone involved in kernel development and other credible projects) will help to screen kernel config file for some obvious configuration security issues.
Obviously you would need more than hardened kernel config (e.g. file integrity analysis) but this is pretty standard.