From owner-freebsd-security  Wed Oct 15 04:56:17 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id EAA02388
          for security-outgoing; Wed, 15 Oct 1997 04:56:17 -0700 (PDT)
          (envelope-from owner-freebsd-security)
Received: from monoid.cs.tcd.ie (monoid.cs.tcd.ie [134.226.38.99])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id EAA02372
          for <security@freebsd.org>; Wed, 15 Oct 1997 04:56:13 -0700 (PDT)
          (envelope-from careilly@monoid.cs.tcd.ie)
Received: from monoid.cs.tcd.ie (localhost.my.domain [127.0.0.1])
	by monoid.cs.tcd.ie (8.8.5/8.8.5) with ESMTP id MAA20965;
	Wed, 15 Oct 1997 12:37:36 +0100 (IST)
Message-Id: <199710151137.MAA20965@monoid.cs.tcd.ie>
To: dkelly@hiwaay.net
cc: security@freebsd.org
Subject: Re: C2 Trusted FreeBSD? 
X-Address: Department of Computer Science, Trinity College, Dublin 2, Ireland.
X-Phone: +353-(0)1-6081321
In-reply-to: Your message dated Tuesday at 21:02.
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <20960.876915455.1@monoid.cs.tcd.ie>
Date: Wed, 15 Oct 1997 12:37:36 +0100
From: Colman Reilly <careilly@monoid.cs.tcd.ie>
Sender: owner-freebsd-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

     
     SGI also *claims* to meet C2 with only Discressionary Access Control, in 
     other words, "plain old Unix user and groups." Note emphasis on "claims", 
     as they developed Trusted Irix for B1 or thereabouts and were somehow 
     prevented from having more than one system under test. And never submitted 
     a system for C2 testing. So they provide a white paper detailing how plain 
     old Irix with the addition of the Trusted Irix auditing system meets the 
     intent of C2. This has been Good Enough to use plain Irix with audit trails
     at work.
Think it would have been good enough if it had been a free OS crowd writing
the paper and not SGI?

Colman