* Fwd: [JS] Suse on IBM eServer achieves EAL2+ security
@ 2003-08-06  0:46 Russell Coker
From: Russell Coker @ 2003-08-06  0:46 UTC (permalink / raw)
  To: SE Linux

Of course Linux didn't get the highest rating possible, it seems that Reuters 
made a mistake in this regard.  EAL2 is not the highest rating, but it's a 
good step and they apparently plan to continue trying for higher ratings.

No SE Linux in SUSE AFAIK.  :(

----------  Forwarded Message  ----------

Subject: [JS] Suse on IBM eServer achieves EAL2+ security
Date: Wed, 6 Aug 2003 01:49

http://www.suse.com/us/company/press/press_releases/archive03/security_certification.html


Disclaimer:  I have no idea what this means.

The slashdot post states:

"What this means is that government can consider Linux when making purchasing
 decisions. Linux got the highest rating possible."

http://slashdot.org/articles/03/08/05/1217242.shtml?tid=106&tid=126&tid=172&tid=185

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

* Re: Fwd: [JS] Suse on IBM eServer achieves EAL2+ security
From: Tom @ 2003-08-06  8:53 UTC (permalink / raw)
  To: SE Linux

On Wed, Aug 06, 2003 at 10:46:16AM +1000, Russell Coker wrote:
> Of course Linux didn't get the highest rating possible, it seems that Reuters 
> made a mistake in this regard.  EAL2 is not the highest rating, but it's a 
> good step and they apparently plan to continue trying for higher ratings.

AFAIK, IBM/SuSE are still going for EAL4, as are Redhat/Oracle. It just
takes more time and they probably needed _some_ cert soon.


> No SE Linux in SUSE AFAIK.  :(

CC is about trust, not security. Wanna start a TE Linux project? :)


-- 
PGP/GPG key: http://web.lemuria.org/pubkey.html
pub  1024D/2D7A04F5 2002-05-16 Tom Vogt <tom@lemuria.org>
     Key fingerprint = C731 64D1 4BCF 4C20 48A4  29B2 BF01 9FA1 2D7A 04F5

* Re: Fwd: [JS] Suse on IBM eServer achieves EAL2+ security
From: Florian Weimer @ 2003-08-06 15:46 UTC (permalink / raw)
  To: russell; +Cc: SE Linux

Russell Coker <russell@coker.com.au> writes:

> Of course Linux didn't get the highest rating possible, it seems
> that Reuters made a mistake in this regard.  EAL2 is not the highest
> rating,

Isn't it the highest rating possible with the current feature set
(that is, no ACLs on anything)?

* Re: Fwd: [JS] Suse on IBM eServer achieves EAL2+ security
From: Casey Schaufler @ 2003-08-07 17:51 UTC (permalink / raw)
  To: russell, Florian Weimer; +Cc: SE Linux


> ... that is, no ACLs on anything ...

Believe it or not, ACLs are a very minor feature.
They provide discretionary access control, a
facility for which mode bits are (close to)
sufficient. The big thing required by all relevant
protection profiles is the security audit trail.


Casey Schaufler				Manager, Trust Technology, SGI
casey@sgi.com				650.933.1634

* Re: Fwd: [JS] Suse on IBM eServer achieves EAL2+ security
From: Jakob Oestergaard @ 2003-08-14  0:28 UTC (permalink / raw)
  To: Florian Weimer; +Cc: russell, SE Linux

On Wed, Aug 06, 2003 at 05:46:01PM +0200, Florian Weimer wrote:
> Russell Coker <russell@coker.com.au> writes:
> 
> > Of course Linux didn't get the highest rating possible, it seems
> > that Reuters made a mistake in this regard.  EAL2 is not the highest
> > rating,
> 
> Isn't it the highest rating possible with the current feature set
> (that is, no ACLs on anything)?

Note:
I state the following simply as someone who's been attempting to grasp
the common criteria - I may be wrong, although I don't think so, but I
would appreciate corrections.


First of all, SuSE does have POSIX ACLs.

They were certified EAL2+, but not against any particular protection
profile - which basically means they are "somewhat confident" that their
system performs some - by SuSE - specified security functions reliably.

(I don't mean to sound like the certification doesn't matter - I think
it's a good thing - it's a step in the right direction)

Usually, for a better measure of the actual feature set of the security
functions in a system, one would certify it against a pre-defined
protection profile.

For example, the CAPP (which sort-of corresponds to the old C2
certification from TCSEC).  Or the LSPP (which sort-of corresponds to
the old B1 certification from TCSEC).

They did not do that. In the introduction in their "security target"
document, they state why they did not go after the CAPP (too many
changes would be needed).

By the way, you do not need ACLs to be certified against CAPP.
Traditional "UNIX" permissions (user/group/owner) are sufficient.

In order to get an idea about why this all matters, you might want to
look at Windows 2000 versus Solaris 8 versus Trusted Solaris 8.

All three systems have EAL4.  So, on the surface, there is no
difference.  Hmm....  Yep, there is a caveat:  Win2k and Sol8 are both
certified EAL4 against CAPP.  Trusted Solaris 8 is certified EAL4
against the LSPP.

The EAL matters. But the PP matters too.

Reporters don't know this   :)

-- 
................................................................
:   jakob@unthought.net   : And I see the elder races,         :
:.........................: putrid forms of man                :
:   Jakob Østergaard      : See him rise and claim the earth,  :
:        OZ9ABN           : his downfall is at hand.           :
:.........................:............{Konkhra}...............:
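Both Casey's remark (mode bits already give you discretionary access control; ACLs refine it) and Jakob's point (CAPP does not require ACLs, traditional user/group/other permissions suffice) come down to how a POSIX system actually decides an access request. The following is an added example, not code from the thread or from SuSE's evaluated system: a small Python model of the classic mode-bit check next to the POSIX.1e ACL check (owner, named user, owning group plus named groups through the mask, other). The users, groups and file in `demo()` are constructed sample data, and the model keeps the group-class bits of `mode` as the owning-group entry rather than, as a real Linux filesystem does, reusing them for the mask.

```python
# Added example (not from the thread): DAC decisions with mode bits alone versus
# with a POSIX.1e ACL, to show what ACLs add on top of user/group/other.
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Optional

R, W, X = 4, 2, 1  # permission bits, same encoding as the mode octal digits


@dataclass(frozen=True)
class User:
    uid: int
    gids: FrozenSet[int]  # primary plus supplementary groups


@dataclass
class File:
    owner_uid: int
    owner_gid: int
    mode: int  # e.g. 0o640; group bits stand for ACL_GROUP_OBJ here (simplification)
    acl_users: Dict[int, int] = field(default_factory=dict)   # ACL_USER entries: uid -> perms
    acl_groups: Dict[int, int] = field(default_factory=dict)  # ACL_GROUP entries: gid -> perms
    acl_mask: Optional[int] = None  # ACL_MASK; None means no extended ACL on the file


def mode_bits_allow(user: User, f: File, want: int) -> bool:
    """Classic UNIX check: the first matching class (owner, group, other) decides."""
    if user.uid == f.owner_uid:
        perms = (f.mode >> 6) & 7
    elif f.owner_gid in user.gids:
        perms = (f.mode >> 3) & 7
    else:
        perms = f.mode & 7
    return perms & want == want


def acl_allows(user: User, f: File, want: int) -> bool:
    """POSIX.1e access check: owner, then named user, then group entries, then other.
    Named-user and all group entries are limited by the mask; owner and other are not."""
    if f.acl_mask is None:
        return mode_bits_allow(user, f, want)
    if user.uid == f.owner_uid:
        return ((f.mode >> 6) & 7) & want == want  # ACL_USER_OBJ
    if user.uid in f.acl_users:
        return (f.acl_users[user.uid] & f.acl_mask) & want == want
    # Group step: if any group entry matches, the request is granted only when at
    # least one matching (masked) entry contains it; otherwise it is denied outright
    # and does NOT fall through to the "other" entry.
    group_entries = []
    if f.owner_gid in user.gids:
        group_entries.append((f.mode >> 3) & 7)  # ACL_GROUP_OBJ
    group_entries += [p for g, p in f.acl_groups.items() if g in user.gids]
    if group_entries:
        return any((p & f.acl_mask) & want == want for p in group_entries)
    return (f.mode & 7) & want == want  # ACL_OTHER


def demo() -> Dict[str, bool]:
    """Constructed scenario: alice's report is group-readable by 'staff' (gid 100);
    bob is outside that group and should get read access, and nobody else."""
    alice = User(uid=1000, gids=frozenset({100}))
    bob = User(uid=1001, gids=frozenset({200}))
    carol = User(uid=1002, gids=frozenset({100}))
    report = File(owner_uid=1000, owner_gid=100, mode=0o640)

    results = {
        "bob_read_mode_only": mode_bits_allow(bob, report, R),      # denied: "other" is 0
        "carol_read_mode_only": mode_bits_allow(carol, report, R),  # allowed via group
        "carol_write_mode_only": mode_bits_allow(carol, report, W), # denied: group is r--
    }

    # Mode bits cannot single out bob without opening "other" or changing the group;
    # a named-user ACL entry can. The mask must also carry the bit being granted.
    report.acl_users[bob.uid] = R
    report.acl_mask = R | W
    results["bob_read_with_acl"] = acl_allows(bob, report, R)
    results["carol_read_with_acl"] = acl_allows(carol, report, R)

    # The mask caps every named-user and group entry: clearing it revokes bob again,
    # while the owner entry is unaffected.
    report.acl_mask = 0
    results["bob_read_masked_out"] = acl_allows(bob, report, R)
    results["alice_write_masked_out"] = acl_allows(alice, report, W)
    return results


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:28s} {'allow' if allowed else 'deny'}")
```

The only case mode bits cannot express is the named-user (or second-group) grant, which is exactly the refinement an ACL adds; everything else in the decision, including the mask semantics that trip people up in practice (an entry with `r` under a mask without `r` is effectively `---`), is still ordinary discretionary access control.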
