Over the last few months, Brian Salcedo has been working on rewriting our secadm tool from scratch. We're excited to announce the first beta release of secadm 0.3.0. User-facing changes in this release include:
- secadm set is now secadm load and requires a file path.
- secadm list is now secadm show.
- You can now export the ruleset to different formats with the -f argument! For example, secadm show -f json exports the rules to JSON format.
- You can now add/remove rules one at a time with secadm add and secadm del.
- You can now enable/disable rules one at a time with secadm enable and secadm disable.
- UCL rule language is nearly the same.
Please give this release a try. You can download the tarball here and the GPG signature here. If you find any issues, please email Brian Salcedo (brian.salcedo {at} hardenedbsd.org) and CC Shawn Webb (shawn.webb {at} hardenedbsd.org).
Follow this example for the new UCL syntax:
    secadm {
        pax = {
            path = "/usr/local/bin/testpie";
            aslr = false;
        }
    }
Update 2015-11-22 21:58 EST: An issue was found with the PAGEEXEC and MPROTECT feature parsing. The version number has been bumped to 0.3.0-beta-02 and the links have been updated accordingly.