Policy and acl design

Submit your RBAC policies or suggest policy improvements

Moderators: spender, PaX Team

Policy and acl design

Postby andutt » Thu Feb 17, 2005 5:57 am

Does anybody have any good suggestion howto design the policy and acl structure in a sane matter?

We have reached a point where it takes very long time to implement new rules and applications. So i thought maybe this have been discussed before.

This is how i have planned to redesigned it, any other suggestion or docs i can read or get other opinions?
Code: Select all
                                      default policy
                                               |
                    default acls  -  ipprogram  - noipprogram
andutt
andutt
 
Posts: 21
Joined: Mon Dec 16, 2002 4:20 am

Postby spender » Fri Feb 18, 2005 4:27 pm

I'm not sure what you're asking exactly. If you can explain it a bit more, I could be of more help.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Location: VA, USA


Return to RBAC policy development

cron