EAL4+ and no auditability?
Posted Jun 22, 2007 18:50 UTC (Fri) by ljt
In reply to: active response and adaptation
Parent article: Red Hat and IBM get certified
How is it possible to be EAL4+ with a policy framework (selinux) that is not fully auditable?
I know, every thing is open source you can see every thing, etc.. BUT how can I know which policy I am currently running:
semodule -l gives you the list of module currently loaded but what is in those modules? (hint: the .pp lying on your fs doesn't qualify..)
to post comments)