| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: nick at virus-l.demon.co.uk (Nick FitzGerald) Subject: Support the Sasser-author fund started Valdis.Kletnieks@...edu to me: > Actually reading what C2 *required* is quite enlightening. More "worrying" given that MS' focus on getting C2 certified was to be able to bid for the "more lucrative" DoD and related contracts that required C2-level systems (no matter how arbitrarily -- incredibly few of them were ever actually configured and run at C2). > Code identified as a 'Trusted Computing Base'. Identification of specific > users.. discretionary access controls.. an audit trail.. object clearing before > reuse.. Testing for *obvious* flaws.. > > Yep, that's about it. ... "Guaranteed boot path" (can't recall the precise wording) -- something MS was already actively campaigning against with its "boot from network" requirement for the upcoming PC 95 or PC 97 hardware platform specs, and something that no "typical PC" could ever meet. The C2 cert for NT "fudged" this requirement by removing the floppy drive (and perhaps by testing on a machine whose BIOS did not yet support "boot from CD"). > ... Userid/password, some sort of user-settable file > permissions, don't let the next user snarf blocks off the disk by allocating > a big file, and keep an audit trail. *real* stringent. Even when NT came out, C2 > wasn't considered much security at all... Most of this stuff was already > well understood when Multics was done in the mid-60s. > > Security labels? MAC? Those are B1. > > "A team of individuals who thoroughly understand the specific implementation > of the TCB shall subject its design documentation, source code, and object code > to through analysis and testing". That's not a requirement till B1 either. > (Yeah.. ponder THAT one - you don't have to do a thorough test to get C2 ;) > > "Trusted Path" for login? That's in B2, as is covert channel analysis. > > You get the idea... ;) No -- I _know_ the idea. The point is that NT is usually sneered at by *nix bigots whose favourite OSes are _just as lame_ by those same miserable criteria. IIRC (and I really don't care as it really doesn't matter) but no "mainstream" *nix matched NT's C2 certification for a year or more when, IIRC, some Solaris variant was gonged C2 too. Anyway, the real point is that all the currently popular systems implement some form of _discretionary_ controls, which (by definition) have to actually be enabled before thay can be any use (regardless of how much or how little use they can be) and as most current "system admins" don't even have that concept in their computing world views, it's kinda academic to debate whether the OSes these "admins" run support DAC, MAC or whatever... -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854
Powered by blists - more mailing lists