Meeting Security Requirements with FreeBSD

Wilko Bulte wb at
Wed Apr 20 04:49:24 PDT 2005

The local guru is Robert Watson <rwatson at>

You might also be interested in


On Wed, Apr 20, 2005 at 07:42:44AM -0400, Michael A. Koerber wrote..
> All,
> 1.  Currently FreeBSD (or any other BSD) doesn't seem to be on the list
> of approved OS's for classified processing.  I'm trying to obtain at
> least local approval, but I don't speak the "security language" too
> well.  Any help would be greatly appreciated.
> 2.  The unix's that are approved are Solaris and Redhat/Fedora.  I have
> reviewed the "PL1 Checklists" and it seems to me that Redhat/Linux might
> be the closest set of requirements, so I'm working off that.
> 3.  I've "mapped" most of the requirements to FreeBSD (basic unix stuff).
> 4.  The major sticking point today is "Accesses to Security-Relevant
> Objects".
>   a. Under Redhat the requirement is "Implement Snare" or "Implement
> LauS (Linux Auditing System".
>   b.  The Solaris equivalent requirement seems to be set up of the Basic
> Security Model "BSM".
>   I don't see either of these packages ported to BSD.  What is the BSD
> approach to meeting the (logging) requirements provided by the above
> packages?  I thought that MAC might be the answer, but I see nothing
> about logging "events" in the manual.
> tnx
> mike
> -- 
> ---------------------
> Dr Michael A. Koerber
> x3250
> _______________________________________________
> freebsd-stable at mailing list
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at"
--- end of quoted text ---

Wilko Bulte				wilko at

More information about the freebsd-stable mailing list