Any interest in an SELinux presentation?
Doc.Brown at rolls-royce.com
Doc.Brown at rolls-royce.com
Thu Aug 4 09:35:33 MDT 2005
Josh,
I'd like to hear about how SELinux can be configured to pass the government
NISPOM chapter 8 auditing policy requirements; specifically DSS C2 PL-1
audits for systems where ALL users have formal access approval and ALL users
have the "need-to-know." By the way, to folks on this list who don't know
the jargon, the DSS is the Defense Security Service and their website is
(http://www.dss.mil <http://www.dss.mil/> ). CA stands for Controlled Access
Protection see (http://csrc.ncsl.nist.gov/secpubs/rainbow/std001.txt
<http://csrc.ncsl.nist.gov/secpubs/rainbow/std001.txt> ) and PL-1 stands for
Protection Level 1 and it is the easiest of the 4 levels to pass...however
it is by no means easy to pass. Chapter 8 of the NISPOM can be seen here
(http://www.dss.mil/isec/change_ch8.htm
<http://www.dss.mil/isec/change_ch8.htm> ). I have been using a product
called Snare for Linux (http://www.intersectalliance.com/projects/Snare/
<http://www.intersectalliance.com/projects/Snare/> ) to pass these audits.
In regards to the time-frame, I'd rather have Josh do the Sept. presentation
(since I will most likely not be able to make the October one due to a new
member of my family arriving at that time). Not that I wouldn't LOVE to
hear Ram Rao speak again, but I am somewhat involved in Linux Security at
Rolls-Royce and I really-really-really want to hear about the SELinux stuff.
Regards,
David (Doc) Brown
Rolls-Royce, Mail Stop W2C
2001 S. Tibbs Ave.
Indianapolis, IN 46241
317.230.3623 - Voice
317.235.3883 - Pager
<mailto:doc.brown at eds.com> doc.brown at eds.com
<mailto:doc.brown at rolls-royce.com> doc.brown at rolls-royce.com
-----Original Message-----
From: cinlug-bounces at lists.cinlug.org
[mailto:cinlug-bounces at lists.cinlug.org] On Behalf Of Josh Bressers
Sent: Thursday, August 04, 2005 9:47 AM
To: Brown, David (Test Department)
Subject: Re: Any interest in an SELinux presentation?
> If there's interest, I'd be willing to give a talk on SELinux.
>
> For those of you who don't know what SELinux is, here's a few links:
>
> http://www.nsa.gov/selinux/ <http://www.nsa.gov/selinux/>
> http://www.crypt.gen.nz/selinux/faq.html
<http://www.crypt.gen.nz/selinux/faq.html>
Well, it seems September is free at this point, so if there are no
complaints, I'd love to be the presenter.
Now for the important bits, what does everyone want to hear about? There
are a number of new security related technologies springing up in various
things Linux, SELinux being the most popular. Currently I plan to focus on
a very high level overview of SELinux, probably with a few mentions of
things like ExecShield and some of new glibc/gcc enhancements.
As for a little background for those of you wondering "Who is this person
and why should I waste my precious TV time to listen to him?"
I live in the Indianapolis area and work on the Security Response Team for
Red Hat (you may have heard of them). My job is to basically find and
verify all the things we fix in our security errata.
Thanks.
--
JB
This email message and any attachments are for the sole use of the intended
recipients and may contain proprietary and/or confidential information which
may be privileged or otherwise protected from disclosure. Any unauthorized
review, use, disclosure or distribution is prohibited. If you are not the
intended recipients, please contact the sender by reply email and destroy
the original message and any copies of the message as well as any
attachments to the original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.cinlug.org/pipermail/cinlug/attachments/20050804/17432877/attachment.htm
More information about the cinlug
mailing list