ANN: rainbow-0.8.6 release.

Michael Stone michael at laptop.org
Tue Dec 22 00:06:48 EST 2009


Friends,

I am pleased to announce the release of rainbow-0.8.6. Rainbow implements
portions of the isolation shell described in the Bitfrost threat model and
security architecture.

The key differences between this release and its predecessor include support
for garbage collection of uids, ui sugar for resuming uids, bug fixes to the
resume logic, and a simplified singly-linked list library.

This release was made possible by encouragement and suggestions from Sascha
Silbe, Bernie Innocenti, and Benjamin Mako Hill. It has been (minimally) tested
on Debian Sid, Ubuntu Karmic, and Fedora Rawhide and has been packaged in
Fedora Rawhide for your convenience.

Interesting links for this release include:

     git:    git://dev.laptop.org/users/mstone/security
     tar:    http://dev.laptop.org/~mstone/releases/SOURCES/rainbow-0.8.6.tar.bz2
     browse: http://dev.laptop.org/git/users/mstone/security/tree/?id=rainbow-0.8.6
     setup:  http://wiki.laptop.org/go/Rainbow/Installation_Instructions
     tests:  http://wiki.laptop.org/go/Rainbow/Testing

The shortlog from rainbow-0.8.5..rainbow-0.8.6 is:

Bernie Innocenti (1):
       Capture XAUTHORITY.

Michael Stone (19):
       Remove unused flexibility from the spool option parsing code.
       First pass at updated rainbow-gc.
       Clean up group membership.
       Protect sticky uids from garbage collection.
       Clean up some per-uid Xephyr data.
       Improve spool detection checks.
       Install rainbow-gc.
       Add some logging to rainbow-gc.
       Make xephyr usage resumable.
       Teach rainbow to resume uids with more auxiliary groups.
       Add a simple resume subcommand.
       Add INIT() and COPY() operators from dnshash.
       Add a novel singly-linked list implementation.
       Add test_endgrent script.
       Simplify list traversal logic.
       Fix Karmic sudo segfault.
       Tweak warnings and link flags.
       Set default spool location in rainbow-gc.
       rainbow-0.8.6.

Kind regards,

Michael 



More information about the Devel mailing list