RPMShield is a tool that addresses the problem of securing software configurations from the security-relevant actions of poorly built/faulty installation packages. Our approach is based on a policy-based control of the package manager's actions. The policies are specified at a high level and the list of policies is customizable.


Click here for features and benefits of RPMShield


For a technical description of our tool please see our paper published in USENIX System administration conference LISA 2002 titled
``An approach for secure software installation''.[rpmshield.ps]

Source download

Shipped under GNU general public license 2.0.
Click here for downloading the source tarball.

Other useful downloads

Current version: 0.9(beta)

Recommended OS: RedHat Linux 7.1 through 7.3
(Note : Compatibility with versions earlier than those listed above and also with RedHat Linux 8.0 and later has not yet been thoroughly tested)

Download locations of the packages required for installation/working are given below.Please visit the links and select the appropriate version for the package to be installed .
(Note : Recommended versions of all required packages are those provided by RedHat Linux 7.1 through 7.3)

Click here for rpm package manager

Click here for J2SE 1.3 (Sun JRE/JDK)
Click here for J2SE 1.4 (Sun JRE/JDK)

Click here for perl

Click here for gv

Click here for wget

Click here for tar


Development of this tool and research involved in building this tool has been sponsored in part by ONR University Research Initiative grant N000140110967 and NSF grant CCR-0098154.


Please send email to sekar@cs.sunysb.edu.