Firewall Wizards mailing list archives
Re: Re: Trusted OS...
From: Ryan Russell <ryan () securityfocus com>
Date: Wed, 29 Mar 2000 08:31:39 -0800 (PST)
On Thu, 23 Mar 2000, Marcus J. Ranum wrote:
Are you sure about that? Secure computing makes a trusted operating system (called LOCK, if I recall correctly) but Sidewinder was based on BSDI with some orange book fairy dust blown on it - I don't think it was a _real_ trusted operating system, just good old BSDI (which is probably better) with some hacks in it to include the domain/type enforcement stuff.
Isn't that the central problem? Do C level and below Orange Book requirements actually help anything? If I can take an OS, and add some typing features, and have the money for the testing, is C2 useful at all? I think what you're speaking to is the fact that the denotative definition of "trusted OS" in the US is just meeting the rainbow requirements. While most of us as security people would like to think that "trusted OS" means that it has some actual security and has been carefully audited. Certainly that doesn't mean an OS that has been succesfully been evaluated can't also be secure... I think it just means that a rating alone doesn't give assurance that the OS is secure (or even any more secure than another.) I don't think that will be a big surprise to anyone here. Ryan
Current thread:
- Trusted OS... Jean Caron (Mar 05)
- Re: [firewall-wizards] Trusted OS... Magosanyi Arpad (Mar 06)
- Re: [firewall-wizards] Trusted OS... Jean Caron (Mar 12)
- Re: [firewall-wizards] Trusted OS... Magosanyi Arpad (Mar 12)
- Re: Trusted OS... Bennett Todd (Mar 21)
- Re: [firewall-wizards] Trusted OS... Jean Caron (Mar 12)
- Re: [firewall-wizards] Trusted OS... Magosanyi Arpad (Mar 06)
- <Possible follow-ups>
- Re: Trusted OS... Valerie Anne Bubb (Mar 06)
- Re: Re: Trusted OS... Paul McNabb (Mar 23)
- Re: Re: Trusted OS... Marcus J. Ranum (Mar 28)
- Re: Re: Trusted OS... Ryan Russell (Mar 29)
- Re: Trusted OS... Bennett Todd (Mar 29)
- Re: Re: Trusted OS... Marcus J. Ranum (Mar 28)
- Re: Re: Trusted OS... Marcus J. Ranum (Mar 28)
- Re: Re: Trusted OS... Iván Arce (Mar 29)
- Re: Re: Trusted OS... Patrick Bryan (Mar 29)