LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

The current development kernel is...linux-next?

Notes on the Viacom ruling

LWN.net Weekly Edition for July 3, 2008

More DTrace envy

LWN.net Weekly Edition for June 26, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

RHEL 5 going for Common Criteria EAL 4 rating

RHEL 5 going for Common Criteria EAL 4 rating

Posted Oct 4, 2005 20:08 UTC (Tue) by kweidner (subscriber, #6483)
In reply to: RHEL 5 going for Common Criteria EAL 4 rating by rmfought
Parent article: RHEL 5 going for Common Criteria EAL 4 rating

[...]it is up to the users to trust that the same care will be taken for further revisions.

It's not just a matter of trust. In this case the security target adds the claim to meet the highest CC level of flaw remediation procedures beyond what the protection profiles would require ("augmented with ALC_FLR.3"), this means that the evaluators are examining and confirming that the software developers have effective procedures in place to systematically address security flaws in the product and inform their users about them.

Check out page 124 in the standard [PDF link] if you want more details about how this works.

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.