Re: Linux login security approaches

Raul Miller (rdm@test.legislate.com)
Sat, 12 Dec 1998 15:40:09 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Serguei Koubouchine: "Re: Linux 2.1.131ac8 (and ac9...)"
Previous message: Chris: "Re: SMP 2.1.131: SCSI performance extremely poor vs. IDE"
In reply to: Albert D. Cahalan: "RE: Linux login security approaches"

Barrett Lyon writes:
> > C2 certification means nothing in my eyes, the second you put
> > a box up with a tcp/ip stack it will no longer be C2 compliant.

Albert D. Cahalan <acahalan@cs.uml.edu> wrote:
> That is only an NT problem. There is a network interpretation of the
> security requirements in a second document.

However, as I understand it, the network interpretation isn't particularly
useful for addressing the usual suite of network security issues.
[Consider, for example, syn flooding on a web server as an example of
something that c2 doesn't even begin to address -- but hey, no secrets
are being leaked, right?]

Anyways, I know that there are some folks who want C2 -- just remember
that the security model is more than a little different from what most
people need in most contexts.

-- Raul

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Serguei Koubouchine: "Re: Linux 2.1.131ac8 (and ac9...)"
Previous message: Chris: "Re: SMP 2.1.131: SCSI performance extremely poor vs. IDE"
In reply to: Albert D. Cahalan: "RE: Linux login security approaches"