Any interest in an SELinux presentation?
Josh Bressers
josh at bress.net
Thu Aug 4 12:32:06 MDT 2005
> Josh,
>
> I'd like to hear about how SELinux can be configured to pass the
> government
> NISPOM chapter 8 auditing policy requirements; specifically DSS C2 PL-1
> audits for systems where ALL users have formal access approval and ALL
> users
> have the "need-to-know." By the way, to folks on this list who don't know
> the jargon, the DSS is the Defense Security Service and their website is
> (http://www.dss.mil <http://www.dss.mil/> ). CA stands for Controlled
> Access
> Protection see (http://csrc.ncsl.nist.gov/secpubs/rainbow/std001.txt
> <http://csrc.ncsl.nist.gov/secpubs/rainbow/std001.txt> ) and PL-1 stands
> for
> Protection Level 1 and it is the easiest of the 4 levels to pass...however
> it is by no means easy to pass. Chapter 8 of the NISPOM can be seen here
> (http://www.dss.mil/isec/change_ch8.htm
> <http://www.dss.mil/isec/change_ch8.htm> ). I have been using a product
> called Snare for Linux (http://www.intersectalliance.com/projects/Snare/
> <http://www.intersectalliance.com/projects/Snare/> ) to pass these audits.
This is bit more specific than I would like to get. I don't see a
presentation focused on how SELinux can be applied to government
requirements being very interesting to many people. I admit I'm not
familiar with any of those criteria, but I'd be happy to answer any
specific questions you have.
--
JB
More information about the cinlug
mailing list