From owner-freebsd-questions Fri Mar 15 16:31:15 2002 Delivered-To: freebsd-questions@freebsd.org Received: from rain.macguire.net (sense-sea-MegaSub-1-125.oz.net [216.39.144.125]) by hub.freebsd.org (Postfix) with ESMTP id 65F7637B400 for ; Fri, 15 Mar 2002 16:31:05 -0800 (PST) Received: (from roo@localhost) by rain.macguire.net (8.11.6/8.11.6) id g2G0RfX96720; Fri, 15 Mar 2002 16:27:41 -0800 (PST) (envelope-from roo) Date: Fri, 15 Mar 2002 16:27:41 -0800 From: Benjamin Krueger To: Robert Shea Cc: Darren Reed , "Dr. Evil" , inemes@transylvania.com.au, jylefort@brutele.be, freebsd-questions@FreeBSD.org, misc@openbsd.org Subject: Re: Security: FreeBSD vs OpenBSD Message-ID: <20020315162741.C93644@rain.macguire.net> References: <200202030549.QAA21515@caligula.anu.edu.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from robert.shea@appliedinterconnect.com on Fri, Mar 15, 2002 at 03:28:38PM -0800 X-PGP-Key: http://www.macguire.net/benjamin/public_key.asc Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG * Robert Shea (robert.shea@appliedinterconnect.com) [020315 15:31]: > > The "Orange Book" (DOD-5200.28-STD) mostly recives flack from > ill-educated individuals who don't understand it. It is, for the most > part an excellent measure of system security and has remained amazingly > timeless (what other computer doc from 1985 is still by and large > acurate today) it's said that 2 years is a generation in the computing > world, I think 17 (and counting) is a wonderful example of forward > thinking. > > Many of these trusted systems are used in high threat enviroments. > (Trusted Solaris, HP-VV (formerly HP-UX BLS), CA-CFA2 MVS w/MAC are fine > examples from Sun, HP and IBM respectively.) These systems, as Darren > stated are not cheap, however up and coming TOS's can be acqyired for > free such as the aforementioned SELinux, TrustedBSD, Pitbull/LX (for > non-commercial use of course) another main difference is that most > people are highly resistant to the idea of trusted systems. Any number > of reasons can explain this, people know and love UN*X and don't want to > learn something different is a likely culprit, but in my experinces in > these discussions in the past, most people are very resistant to the > idea of an OS being more secure then UN*X. Mostly however... if you take > that step and accept that the trusted system philosophy is on to > something, the next thing you need to overcome is that according to the > Orange Book, NT is more secure then standard UN*X, sad to say but the > majority of admins are unwilling to accept such a (*shoots himself for > using this phrase*) paradigm shift when it puts their years of making > fun of NT'ers in the wrong. ;) > > robert > > > %I find that somewhat amusing, given all the flack the Orange Book model > %has received over the years. The above description fits a high level B > %or A grade machine (your OpenBSD doesn't even qualify for C2 > %as can Solaris > %and friends). Given that there are already products available > %which have > %been designed with capabilities in mind, from scratch, shouldn't we all > %be using those in environments where security must come first? > % Oh, most > %of them aren't free or available for pennies, either... > % > %Darren I wonder how many times it must be said before folks finally understand. Security is not defined by adhering to rules laid out in a book. Security is not a product you can sell. Security does not come in a box wrapped up in bows. Security is a process. A process who's success or failure is measured in terms of risk and probability. The rainbow books and friends serve one real purpose for the clever designer, and that is as a guide. Don't worship the guide. As for your reverence for the Orange book in its unique ultimate forward looking paradigm shifting abilities that are displayed by few others, might I suggest that a great many documents were published at that time which are still relevant today. Take anything by Donald Knuth, the K&R C book, the dragon book, Introduction to Automata Theory, Languages, and Computation, Structure and Interpretation of Computer Programs, and many many others.. BTW, NT4 was C2 qualified when locked down with its networking guts removed. This was quite a few of your "generations" ago too. I have seen no documentation that anything else Microsoft distributes has been C2 qualified and I highly doubt I will any time soon. Just had to get that jab in there. =) -- Benjamin Krueger "Life is far too important a thing ever to talk seriously about." - Oscar Wilde (1854 - 1900) ---------------------------------------------------------------- Send mail w/ subject 'send public key' or query for (0x251A4B18) Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18 PS. Its UNIX. Not *nix. Not UN*X. This isn't the name of G*D for crying out loud. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message