[Security_sig] [maryedie@osdl.org: Security Call this week.]
Chris Wright
chrisw at osdl.org
Thu Aug 4 09:10:41 PDT 2005
----- Forwarded message from Mary Edie Meredith <maryedie at osdl.org> -----
Date: Tue, 02 Aug 2005 17:24:29 -0700
From: Mary Edie Meredith <maryedie at osdl.org>
Outstanding questions:
Edge Server:
Are hostile attackers expected?
Who controls the access control policy?
How many authorized users to expect?
Any separation of duties for sys admin?
What's important to audit?
continuance? importance of denial of service attacks? Anything else?
Is there any sensitive information on this server?
Mid-Tier
Who controls the access control policy?
How many authorized users to expect?
Any separation of duties for sys admin?
Is audit important, and what's to audit?
Infrastructure Server:
Do internal users get access, or only system admins? Who controls the
access control policy? How many authorized users to expect?
Any separation of duties for sys admin?
What's important to audit?
Departmental Server:
Are hostile attackers expected?
Who controls the access control policy?
Any separation of duties for sys admin?
Is audit important, and what to audit?
----- End forwarded message -----
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
More information about the security_sig
mailing list