Re: C2 vs Common Criteria [was: RE: Is this mail list dead?]



Dowd, Alan wrote:

> By its very nature, the open Linux we all know cannot be certified 
> under the Common Criteria -- the CC requires just too much formalized 
> product management. At best, a distribution vendor such as Mandrake 
> could produce a relatively frozen distribution that could be 
> certified. But this would require that the end user not modify the 
> evaluated code base if s/he wanted to preserve the evaluated rating.
> 
A typical Mandrake distribution would barely be accepted for such a thing 
as it is broad-user centered. Mandrake has lots of conceptual features 
that even go against some good traditionalisms of Linux in this sphere. 
Besides, in my experience, I noted that Mandrake is quite hard to 
control.

Anyway, I think that the Mandrake team has some chances to be nearer to 
producing a security-tight distro than others. But this can be done only 
if some mechanisms that ease the user's life are sacrificed for the 
sake of security. This mainly concerns the mess of the script structure 
that boots Mandrake. There are cases when you may jump to the shell by 
breaking the work of these scripts. Besides, there are a few flaws in how 
Linux loads on the typical RedHat architecture (which Mandrake 
copies). Frankly, the load process seriously needs supervision if you 
have a critical task and you don't trust your neighbor. You need to 
check out Lilo (or Grub) to set a few restrictions. "init 1", depending 
on the distros produced lately, frequently loads without requiring 
passwd, so you have to check this out. There is a conceptual failure in 
how bash works, especially if you don't want the user to interrupt the login 
process. On "init 5" it is good to have "reboot" right on the login 
window if you trust the user. But there are cases where we don't trust even 
the power button to them... Returning to the booting process, I would 
note that it is frequent to see the box killed by some "insignificant" 
daemon that doesn't load. 

Yes, Mandrake can be able to produce a secure Linux for users. But they 
will need to produce a conception of security and only after this 
start such a distro. But only for a segment of the market. Really, I don't 
need a super-secure-fortified Mandrake for my common everyday tasks.


Ektanoor

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/
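
The two boot-path checks the message above calls for (restrictions in Lilo, and a password on "init 1"), as an added example that is not part of the original post. It assumes LILO's `password=` option and the Red Hat-style `~~:S:wait:/sbin/sulogin` inittab entry; the function names, sample files, labels and the placeholder password are constructed.

```shell
#!/bin/sh
# Added example: audit the boot path for the two gaps the post names.
# All sample configuration below is constructed for the demonstration.

# Print the label of every lilo.conf image with no password at all,
# neither its own nor a global one placed before the first image=/other=.
lilo_unprotected() {
    awk '
        function emit() { if (label != "" && !global && !own) print label }
        { sub(/#.*/, ""); gsub(/[ \t]/, "") }
        /^(image|other)=/ { emit(); insec = 1; label = $0; own = 0; next }
        /^label=/ && insec { label = substr($0, 7); next }
        /^password=/ { if (insec) own = 1; else global = 1 }
        END { emit() }
    ' "$1"
}

# Succeed only if inittab runs sulogin for runlevel S, so that
# "init 1" asks for the root password instead of dropping to a shell.
single_user_protected() {
    grep -Eq '^[^#:]*:[^:]*S[^:]*:[^:]*:.*sulogin' "$1"
}

SAMPLES=$(mktemp -d)
cat > "$SAMPLES/lilo.conf" <<'EOF'
boot=/dev/hda
timeout=50
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
    password=CONSTRUCTED-PLACEHOLDER
    restricted
image=/boot/vmlinuz-old
    label=rescue
    root=/dev/hda1
EOF
cat > "$SAMPLES/inittab" <<'EOF'
id:5:initdefault:
#~~:S:wait:/sbin/sulogin
l1:1:wait:/etc/rc.d/rc 1
EOF

echo "LILO images without a password:"
lilo_unprotected "$SAMPLES/lilo.conf"
single_user_protected "$SAMPLES/inittab" ||
    echo "inittab: single-user mode does not run sulogin"
```

Because LILO stores the password in clear text, a lilo.conf that carries one should be readable by root only.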