From owner-freebsd-security Mon Jul 24 19:51:41 2000 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id E414F37B8C9 for ; Mon, 24 Jul 2000 19:51:37 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA23574; Mon, 24 Jul 2000 20:51:34 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA85516; Mon, 24 Jul 2000 20:51:16 -0600 (MDT) Message-Id: <200007250251.UAA85516@harmony.village.org> To: john1000@cwcom.net Subject: Re: orange book rating for freebsd Cc: freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Tue, 25 Jul 2000 02:23:35 BST." <397CEC16.F5453AC0@cwcom.net> References: <397CEC16.F5453AC0@cwcom.net> Date: Mon, 24 Jul 2000 20:51:16 -0600 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <397CEC16.F5453AC0@cwcom.net> m01ym900@cwcom.net writes: : does anyone know what level of security rating freeBSD can be configured : to, with regards to the orange book rating system (C1 through to A1). FreeBSD can be configured to be C2 secure, just like all the other Unix-oids out there. There's some work with TrustedBSD to make things B1 or B2, but those are very hard. FreeBSD doesn't have the facilities to get A1, which requires, iirc, tagging of all data as unclassified, secret or top secret and not allowing data to cross the security boundaries (in either direction w/o authorization from the system administrator). Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message