From owner-freebsd-security  Wed Jul  9 22:03:26 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id WAA06700
          for security-outgoing; Wed, 9 Jul 1997 22:03:26 -0700 (PDT)
Received: from obie.softweyr.ml.org ([199.104.124.49])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA06692
          for <security@freebsd.org>; Wed, 9 Jul 1997 22:03:19 -0700 (PDT)
Received: (from wes@localhost) by obie.softweyr.ml.org (8.7.5/8.6.12) id XAA10500; Wed, 9 Jul 1997 23:07:58 -0600 (MDT)
Date: Wed, 9 Jul 1997 23:07:58 -0600 (MDT)
Message-Id: <199707100507.XAA10500@obie.softweyr.ml.org>
From: Wes Peters <softweyr@xmission.com>
To: security@freebsd.org
Subject: Re: Security Model/Target for FreeBSD or 4.4?
In-Reply-To: <XFMail.970707080142.alex@androcles.com>
References: <199707061827.OAA23298@chaos.amber.org>
	<XFMail.970707080142.alex@androcles.com>
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On 06-Jul-97 Christopher Petrilli wrote:
 > I think it's important to understand that few OSes (outside the "big 
 > boys" like VMS, MVS, VM, GUARDIAN, etc.) have documented formal security 
 > polcies.  Mostly it's just whatever a programmer feels like.

Or SunOS, Solaris, Digital UNIX.  Yes, there have been (several) UNIX
systems certified at C2, and even B2.  It would be interesting to see if
Sun still has any white papers or specifications for their B2 certified
SunOS, which was (of course) based on 4.3 BSD.

-- 
          "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                       Softweyr LLC
http://www.xmission.com/~softweyr                       softweyr@xmission.com