From: "Michael A. Koerber"
Date: Wed, 20 Apr 2005 07:42:44 -0400
To: freebsd-stable@freebsd.org
Subject: Meeting Security Requirements with FreeBSD
Message-ID: <42664034.1060700@ll.mit.edu>

All,

1. Currently FreeBSD (or any other BSD) doesn't seem to be on the list of approved OSes for classified processing. I'm trying to obtain at least local approval, but I don't speak the "security language" too well. Any help would be greatly appreciated.

2. The Unixes that are approved are Solaris and Redhat/Fedora. I have reviewed the "PL1 Checklists" and it seems to me that Redhat/Linux might be the closest set of requirements, so I'm working off that.

3. I've "mapped" most of the requirements to FreeBSD (basic unix stuff).

4. The major sticking point today is "Accesses to Security-Relevant Objects".

   a. Under Redhat the requirement is "Implement Snare" or "Implement LauS (Linux Auditing System)".

   b. The Solaris equivalent requirement seems to be setup of the Basic Security Model "BSM".

I don't see either of these packages ported to BSD. What is the BSD approach to meeting the (logging) requirements provided by the above packages? I thought that MAC might be the answer, but I see nothing about logging "events" in the manual.

tnx

mike

--
---------------------
Dr Michael A. Koerber
x3250