| |||||||||||||
|
| |||||||||||||
RHEL 5 going for Common Criteria EAL 4 ratingRHEL 5 going for Common Criteria EAL 4 ratingPosted Oct 11, 2005 6:31 UTC (Tue) by Vladimir (guest, #33011)In reply to: RHEL 5 going for Common Criteria EAL 4 rating by jamesmrh Parent article: RHEL 5 going for Common Criteria EAL 4 rating
Just wanted to comment on this:
I don't need to be a government type to be able to use LSPP or Type Enforcement or RBAC for everyday business.
Regards,
VG
(Log in to post comments)
RHEL 5 going for Common Criteria EAL 4 rating Posted Oct 12, 2005 5:07 UTC (Wed) by etbe (subscriber, #17516) [Link] The administrator has to perform tasks such as fixing file systemcorruption, backing up data, and installing new applications (including custom applications). These tasks are not compatible with preventing the administrator from accessing secret data. We have a secadm_r role for security administration which can be separate from the sysadm_r for general system administration. This is currently an experimental feature and is designed to be discretionary in nature. We can't entirely prevent the sysadm from doing the wrong thing in regard to security administration, but if they do so then they can't claim it to be an accident, mistake, or an issue where their duties were unclear.
|
|
||||||||||||