
EAL4+ and no auditability?


Posted Jun 22, 2007 18:50 UTC (Fri) by ljt (subscriber, #33337)
In reply to: active response and adaptation by kirkengaard
Parent article: Red Hat and IBM get certified

How is it possible to be EAL4+ with a policy framework (SELinux) that is not fully auditable?
I know, everything is open source, you can see everything, etc. BUT how can I know which policy I am currently running:
semodule -l gives you the list of modules currently loaded, but what is in those modules? (hint: the .pp lying on your fs doesn't qualify.)



EAL4+ and no auditability?

Posted Jun 24, 2007 16:28 UTC (Sun) by jamesm (guest, #2273)

One approach to this would be to export the currently loaded policy via selinuxfs so that it can be verified and analyzed.

Just added this to the todo list:
http://selinuxproject.org/page/Kernel_Development#To_Do_List

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds