Linux at C2 - was Re: Is this mail list dead?
Pedro Rosa wrote:
> Note that Linux is not an OS with a very limited set of purposes. Don't
> tell me that attempts to enforce a security scheme at core bottom will
> not hinder such sections like real-time or clusters. So I think it is
> too risky to put two things in one boat.
Your concerns are unfounded. Even though you've asked me
not to, I'll point out that Irix does all you've mentioned.
> Yes, the position of C2 out of the core-bottom may hinder Linux, for the
> fact that it will never have a 99,99% secured architecture.
What do you mean by a "secured architecture"?
> However, I'm
> pretty convinced that 99,99% of its users wouldn't need such
> requirement. For such ultra-security there should be other OSes (OpenBSD
> for example).
Firstly, you're making up your statistics on the fly. Heck,
that's true of 80% of statistics.
Second, calling C2 ultra-security is like calling TGIFriday's
Fine Dining.
> On what concerns hindering other security systems, I consider the
> psychologic point of view. I cannot consider C2 as a scheme "for all
> cases".
Okay, you're right.
> As an example among many. Well some people prefer to use "crack
> traps" rather than thinking about applying C2 to every user's brain...
Yup. Many such people would be happy with no
access controls at all.
> In fact this point is still the biggest security breach of all. And no
> matter how many threats and rays you spend on users, 99% of security
> breaches are caused by them...
Those pesky users.
> Now why I am talking about this? Well, I saw a near C2 implementation.
> The level of security was extrapolated to the impossible because there
> was a series of rules and possibilities that were inter-exclusive. The
> system was a monster and people felt like working in something worse
> than the Gulag (and, oh damn, Democracy is now working here... So people
> were talking the Hell about it) So the concept was completely changed.
Like the Gould C2 system back in '86. Feature and
criteria creep killed that one.
> > What are your stability issues?
>
> Well in theory none. In practice, I'm pretty sure that it will take not
> less than a year for an implementation to work out. That's pretty well
> seen on kernel development timelines.
Yes, it's software.
> For example in my own machine... Why do I need C2 on my own
> machine?
You probably don't.
> ... You cannot
> implement such a protocol just by adding a module.
Maybe you couldn't, but I've done it on three separate
occasions.
Fear not. We're only here to help!
--
Casey Schaufler Manager, Trust Technology, SGI
casey@sgi.com voice: 650.933.1634
casey_p@pager.sgi.com Pager: 888.220.0607
-
Securedistros: A common list for all secured Linux distributions
Archive: http://humbolt.nl.linux.org/lists/