[Security_sig] Draft Linux requirements for US Department of the Army (DA) - CC Eval Products?

Ed Reed ereed at novell.com
Tue Feb 22 16:25:46 PST 2005


I'd certainly agree that a CAPP/EAL3 or EAL4 evaluated audit subsystem, like LauS, be allowed, if not required.

But it doesn't sound like you're REQUIRING evaluated products, are you?

It would be useful to know how, if at all, these guidelines reflect against CAPP, and any of the evaluated Red Hat or SuSE products, or whether any of these requirements, like the audit one, conflict with evaluated product configurations...

Ed
 
 
>>>Stephen Smalley <sds at epoch.ncsc.mil> 02/10/05 7:09 am >>> 
On Thu, 2005-02-10 at 08:52, Andy Murren wrote: 
>Feel free to cut and paste what you want.  Please give me feed back. 
>Some of the requirements cannot be changed, I don't control them. 
>Question any one you would like though. 
 
Last I looked, SNARE had significant issues in its kernel code.  If you 
are going to recommend auditing options, then you should look at the 
mainline 2.6 kernel's audit framework that is being enhanced further to 
meet CAPP requirements, and if necessary for short term usage, at the 
LAuS audit implementation by SuSE that has already been CAPP evaluated. 
 
-- 
Stephen Smalley <sds at epoch.ncsc.mil> 
National Security Agency 
 





More information about the security_sig mailing list