[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Future FreeS/WAN users?

To: securedistros@nl.linux.org
Subject: Re: Future FreeS/WAN users?
From: Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
Date: Mon, 17 Jan 2000 11:44:52 +0100 (MET)
In-Reply-To: <20000115171403.A18631@cavorka.umm.home>
Reply-To: securedistros@nl.linux.org
Sender: owner-securedistros@nl.linux.org

On Sat, 15 Jan 2000 l41484@alfa.ist.utl.pt wrote:

> On Sat, Jan 15, 2000 at 11:36:45AM -0500, J. Lasser wrote:
> > In the wise words of Ray Shaw:
> > 
> > > I'm also very unclear as to exactly what is meant by
> > > "security-enhanced Linux".  If they mean to include crypto, then they
...
> > Well, actually, the article I saw said something on capabilities
> > enhancement. This probably means posix-style rather than 'real'
> > capabilities, but who knows?
> 
> What i've understood from the article it has something in the lines of
> compartmentalized areas a little like HP's virtual vault.

They say are going to add "Type Enforcement" to the kernel. Type
enforcement (or "domain and type enforcement", DTE) is a relatively simple
static mandatory access control policy that labels all objects with
"types", all subjects (including software components) with "domains", and
decides whether a particular access is permitted using a predefined
domains*types access matrix.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/

References:
- Re: Future FreeS/WAN users?
  - From: l41484@alfa.ist.utl.pt

Prev by Date: Re: Future FreeS/WAN users?
Next by Date: Re: Future FreeS/WAN users?
Prev by thread: Re: Future FreeS/WAN users?
Next by thread: Re: Future FreeS/WAN users?
Index(es):
- Date
- Thread