Date: Wed, 20 Apr 2005 07:42:44 -0400 From: "Michael A. Koerber" <mak@ll.mit.edu> To: freebsd-stable@freebsd.org Subject: Meeting Security Requirements with FreeBSD Message-ID: <42664034.1060700@ll.mit.edu>
next in thread | raw e-mail | index | archive | help
All, 1. Currently FreeBSD (or any other BSD) doesn't seem to be on the list of approved OS's for classified processing. I'm trying to obtain at least local approval, but I don't speak the "security language" too well. Any help would be greatly appreciated. 2. The unix's that are approved are Solaris and Redhat/Fedora. I have reviewed the "PL1 Checklists" and it seems to me that Redhat/Linux might be the closest set of requirements, so I'm working off that. 3. I've "mapped" most of the requirements to FreeBSD (basic unix stuff). 4. The major sticking point today is "Accesses to Security-Relevant Objects". a. Under Redhat the requirement is "Implement Snare" or "Implement LauS (Linux Auditing System". b. The Solaris equivalent requirement seems to be set up of the Basic Security Model "BSM". I don't see either of these packages ported to BSD. What is the BSD approach to meeting the (logging) requirements provided by the above packages? I thought that MAC might be the answer, but I see nothing about logging "events" in the manual. tnx mike -- --------------------- Dr Michael A. Koerber x3250
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42664034.1060700>