Re: C2 vs Common Criteria [was: RE: Is this mail list dead?]

[LA Walsh <law@sgi.com>]

Pedro Rosa wrote:
> Yes, Mandrake can be able to produce a secure linux for users. But they
> will need to produce a conception of security and only after this to
> start such distro. But only for a segment of the market. Really I don't
> need a super-secure-fortified Mandrake for my common everyday tasks.
---
	Being secure, and being certified as secure are very different
things.  The first involves assertions and reasons, the second involves
meeting various requirement, testing and 3rd party evaluation that the
requirements are met.  

	Take a look at the Common Criteria CAPP definition mentioned in
an earlier post.  On a CAPP-level trusted system, I think you can get
by with plaintext password storage in /etc/shadow (still only readable by
root).  

	Secure = I've made my system a complex enough puzzle put off most
people.  Trusted = evaluated assertions of levels of trust of a given
OS and need not involve any 'puzzles' -- which make trusted systems
'boring' for most people -- there is no puzzle to be solved or if there
is, it's been evaluated (3rd party verified) to be trusted for a given
environment.  CAPP, I believe, is specified to provide trust in a non-hostile
environment -- i.e. no outside ethernet connections.

	I don't remember, off hand, the environment LSPP is aimed for.
-l

-- 
L A Walsh                        | Trust Technology, Core Linux, SGI
law@sgi.com                      | Voice: (650) 933-5338
-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/