Meeting Security Requirements with FreeBSD
Wilko Bulte
wb at freebie.xs4all.nl
Wed Apr 20 04:49:24 PDT 2005
The local guru is Robert Watson <rwatson at FreeBSD.org>
You might also be interested in http://www.trustedbsd.org
Wilko
On Wed, Apr 20, 2005 at 07:42:44AM -0400, Michael A. Koerber wrote..
> All,
>
> 1. Currently FreeBSD (or any other BSD) doesn't seem to be on the list
> of approved OS's for classified processing. I'm trying to obtain at
> least local approval, but I don't speak the "security language" too
> well. Any help would be greatly appreciated.
>
> 2. The unix's that are approved are Solaris and Redhat/Fedora. I have
> reviewed the "PL1 Checklists" and it seems to me that Redhat/Linux might
> be the closest set of requirements, so I'm working off that.
>
> 3. I've "mapped" most of the requirements to FreeBSD (basic unix stuff).
>
> 4. The major sticking point today is "Accesses to Security-Relevant
> Objects".
>
> a. Under Redhat the requirement is "Implement Snare" or "Implement
> LauS (Linux Auditing System".
>
> b. The Solaris equivalent requirement seems to be set up of the Basic
> Security Model "BSM".
>
> I don't see either of these packages ported to BSD. What is the BSD
> approach to meeting the (logging) requirements provided by the above
> packages? I thought that MAC might be the answer, but I see nothing
> about logging "events" in the manual.
>
> tnx
> mike
> --
> ---------------------
> Dr Michael A. Koerber
> x3250
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
--- end of quoted text ---
--
Wilko Bulte wilko at FreeBSD.org
More information about the freebsd-stable
mailing list