From owner-freebsd-security  Tue Jul 25  0:49:54 2000
Delivered-To: freebsd-security@freebsd.org
Received: from cairo.anu.edu.au (cairo.anu.edu.au [150.203.224.11])
	by hub.freebsd.org (Postfix) with ESMTP id 186E137BAB0
	for <freebsd-security@FreeBSD.ORG>; Tue, 25 Jul 2000 00:49:48 -0700 (PDT)
	(envelope-from avalon@cairo.anu.edu.au)
Received: (from avalon@localhost)
	by cairo.anu.edu.au (8.9.3/8.9.3) id RAA17232;
	Tue, 25 Jul 2000 17:44:36 +1000 (EST)
From: Darren Reed <avalon@coombs.anu.edu.au>
Message-Id: <200007250744.RAA17232@cairo.anu.edu.au>
Subject: Re: orange book rating for freebsd
To: phk@critter.freebsd.dk (Poul-Henning Kamp)
Date: Tue, 25 Jul 2000 17:44:36 +1000 (Australia/NSW)
Cc: avalon@coombs.anu.edu.au (Darren Reed),
	imp@village.org (Warner Losh), john1000@cwcom.net,
	freebsd-security@FreeBSD.ORG
In-Reply-To: <9855.964508836@critter.freebsd.dk> from "Poul-Henning Kamp" at Jul 25, 2000 09:07:16 AM
X-Mailer: ELM [version 2.5 PL1]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In some mail from Poul-Henning Kamp, sie said:
> 
> In message <200007250619.QAA05994@cairo.anu.edu.au>, Darren Reed writes:
> >In some mail from Warner Losh, sie said:
> >> 
> >> In message <397CEC16.F5453AC0@cwcom.net> m01ym900@cwcom.net writes:
> >> : does anyone know what level of security rating freeBSD can be configured
> >> : to, with regards to the orange book rating system (C1 through to A1).
> >> 
> >> FreeBSD can be configured to be C2 secure, just like all the other
> >> Unix-oids out there.  There's some work with TrustedBSD to make things
> >> B1 or B2, but those are very hard.  FreeBSD doesn't have the
> >> facilities to get A1, which requires, iirc, tagging of all data as
> >> unclassified, secret or top secret and not allowing data to cross the
> >> security boundaries (in either direction w/o authorization from the
> >> system administrator).
> >
> >In addition to programming with labels, etc, Ax also requires taking into
> >account "signalling" via covert channels.  FreeBSD will never reach an A
> >level orange book rating because it was not designed, from scratch, to be
> >that way.  C2 is just a matter of someone with money giving a box to the
> >NSA, appropriately configured and with suitable documentation, for review.
> >
> >As for "tags", those are required for B2, along with rules about which
> >way data can "travel".
> 
> As far as I know we'll never get any A rating because that requires
> design documents which define the security.

Yes, that's what I said.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message