[Security_sig] DCL security section early draft
emilyr at us.ibm.com
Wed Dec 15 09:29:07 PST 2004
Mary Edie Meredith <maryedie at osdl.org> wrote on 12/14/2004 10:36:39 AM:
> Would it be possible for you (or others on the list) to suggest actual
> wording to replace areas you find are weak?
I will do so, but it will probably be the first of the year before I can
devote the time to do so, sorry.
I was also hoping that there would be some discussion/answers to the
> > "Although that approach produced a good list of security features, it
> > did not guarantee anything about security for a Linux in the Data
> > Center."
> > This implies that the new approach does guarantee something about the
> > security of Linux in the Data Center but it was not clear to me what
> > is guaranteed. I think this needs to be clarified.
> > Is there going to be another section that describes the existing
> > implementations that map to each capability/requirement?
IBM Linux Technology Center, Security
512-838-0409 (T/L 678-0409)
emilyr at us.ibm.com
> > I think that the capabilities section on application confinement needs
> > to be fleshed out a little with the continuum of possibilities along
> > the lines of Ed's quick overview in last week's meeting.
> > I'm not clear on how certificates increase the tamper resistance of
> > audit logs. It is not critical to the description but I think that it
> > should either be made a little more clear or just dropped as the rest
> > of the description seems strong enough to stand by itself.
> > Emily
> > Emily Ratliff
> > IBM Linux Technology Center, Security
> > CISSP #51839
> > 512-838-0409 (T/L 678-0409)
> > emilyr at us.ibm.com
> > ______________________________________________________________________
> > _______________________________________________
> > security_sig mailing list
> > security_sig at lists.osdl.org
> > http://lists.osdl.org/mailman/listinfo/security_sig
> Mary Edie Meredith
> maryedie at osdl.org
> Open Source Development Labs
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the security_sig