[cgl_discussion] A concept/framework not a distribution ?
Peter R. Badovinatz
tabmowzo at us.ibm.com
Mon Mar 19 17:27:18 PDT 2007
Your conclusion about CGL is that our specification is indeed a
collection of functional requirements. A distributor needs to provide
functional capabilities that satisfy those requirements to have a
"Carrier Grade Linux" distribution.
Included among the requirements are security requirements that describe
the functional capabilities needed to provide a secure CGL distribution.
But, as these are a collection of functional requirements they do
not alone guarantee a secure system. It is still necessary to ensure
that these capabilities are supported in the system, are configured, and
are able to be activated at run-time.
The CGL specification attempts to address a variety of system
deployments and not all actual deployments will need all requirements.
It's still necessary to determine the specific security needs for your
deployment to ensure that the proper capabilities can be provided and
activated in your environment.
There is much more information on the Carrier Grade Linux specifications
and related information from:
With the merger of the OSDL and FSG the web site is in a bit of flux but
you should be able to find the information.
hwoehle at arcor.de wrote:
> Let me first introduce myself:
> I am Manager for Information Security and Data Protection/Privacy at a Telco
> in Germany.
> An outfitter of some of our new VoIP Equipment answered to my question about
> system-Security and hardening,
> that i must not be worried about it why they are using Carrier-Grade-Linux
> and it is high-secure by design.
> I search along the internet and googled a little about CGL and came to the
> that CGL is not a distribution but a framework or better a sum of
> requirements a distribution have to meet to be a Carrier-Grade-Linux.
> And so the security part have to be done from the "distribution"
> Can some untangle that for me ?
> With kind regards
> cgl_discussion mailing list
> cgl_discussion at lists.osdl.org
Peter R. Badovinatz aka 'Wombat'
STG Telecommunications, Linux & Standards
preferred: tabmowzo at us.ibm.com / alternate: wombat at us.ibm.com
These are my opinions and absolutely not official opinions of IBM, Corp.
More information about the cgl_discussion