[Security_sig] DCL security section early draft

Chris Wright chrisw at osdl.org
Mon Dec 13 12:32:59 PST 2004


* Chris Wright (chrisw at osdl.org) wrote:
> Here's the early draft, thanks to Lynn and Mary for capturing where we
> are and getting it written down.

Couple minor issues that I saw from quick review:

pg1-paragraph2
s/for a Linux/for Linux

pg1-last sentence
s/Linux/Data Center Linux/
(the approach definitions still need a bit of clarification)

pg2-paragraph3
s/what gaps to/what gaps do/

pg3-assumption1
I don't agree that separation of duties is primarily for audit trail.

pg5-refs
References typically go at end.

pg5-cap1
Hmm, should it just be access control scheme at top-level, the DAC used
as minimal example/requirement?

pg5-cap2
We just need an audit log, the type could be discussed under the
top level need.
I think we'll need to cleanup the language regarding audit functionality
(the evident/resistant definitions need some refining).

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net



More information about the security_sig mailing list