From owner-freebsd-security Tue Jul 25 0: 7:40 2000 Delivered-To: freebsd-security@freebsd.org Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.40.131]) by hub.freebsd.org (Postfix) with ESMTP id 0FCC937B989 for ; Tue, 25 Jul 2000 00:07:36 -0700 (PDT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.9.3/8.9.3) with ESMTP id JAA09857; Tue, 25 Jul 2000 09:07:16 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Darren Reed Cc: imp@village.org (Warner Losh), john1000@cwcom.net, freebsd-security@FreeBSD.ORG Subject: Re: orange book rating for freebsd In-reply-to: Your message of "Tue, 25 Jul 2000 16:19:51 +1000." <200007250619.QAA05994@cairo.anu.edu.au> Date: Tue, 25 Jul 2000 09:07:16 +0200 Message-ID: <9855.964508836@critter.freebsd.dk> From: Poul-Henning Kamp Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <200007250619.QAA05994@cairo.anu.edu.au>, Darren Reed writes: >In some mail from Warner Losh, sie said: >> >> In message <397CEC16.F5453AC0@cwcom.net> m01ym900@cwcom.net writes: >> : does anyone know what level of security rating freeBSD can be configured >> : to, with regards to the orange book rating system (C1 through to A1). >> >> FreeBSD can be configured to be C2 secure, just like all the other >> Unix-oids out there. There's some work with TrustedBSD to make things >> B1 or B2, but those are very hard. FreeBSD doesn't have the >> facilities to get A1, which requires, iirc, tagging of all data as >> unclassified, secret or top secret and not allowing data to cross the >> security boundaries (in either direction w/o authorization from the >> system administrator). > >In addition to programming with labels, etc, Ax also requires taking into >account "signalling" via covert channels. FreeBSD will never reach an A >level orange book rating because it was not designed, from scratch, to be >that way. C2 is just a matter of someone with money giving a box to the >NSA, appropriately configured and with suitable documentation, for review. > >As for "tags", those are required for B2, along with rules about which >way data can "travel". As far as I know we'll never get any A rating because that requires design documents which define the security. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message