[Security_sig] Draft Linux requirements for US Department
of the Army (DA) - CC Eval Products?
ereed at novell.com
Tue Feb 22 16:25:46 PST 2005
I'd certainly agree that a CAPP/EAL3 or EAL4 evaluated audit subsystem, like LauS, be allowed, if not required.
But it doesn't sound like you're REQUIRING evaluated products, are you?
It would be useful to know how, if at all, these guidelines reflect against CAPP, and any of the evaluated Red Hat or SuSE products, or whether any of these requirements, like the audit one, conflict with evaluated product configurations...
>>>Stephen Smalley <sds at epoch.ncsc.mil> 02/10/05 7:09 am >>>
On Thu, 2005-02-10 at 08:52, Andy Murren wrote:
>Feel free to cut and paste what you want. Please give me feed back.
>Some of the requirements cannot be changed, I don't control them.
>Question any one you would like though.
Last I looked, SNARE had significant issues in its kernel code. If you
are going to recommend auditing options, then you should look at the
mainline 2.6 kernel's audit framework that is being enhanced further to
meet CAPP requirements, and if necessary for short term usage, at the
LAuS audit implementation by SuSE that has already been CAPP evaluated.
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the security_sig