Firewall Wizards mailing list archives
Re: Trusted Unices Aren't?
From: Gordon Greene <Gordon.Greene () netsec net>
Date: Thu, 29 Oct 1998 10:48:24 -0500
Actually, there is a B1 VMS system:... Interesting note. However ... Digital's ... oops, Compaq's assertion of SEVMS meeting B1 does not constitute verification that it is B1, eh?
The URL: http://www.dsd.gov.au/epl/os.html shows SEVMS releases 6.0 and 6.1 for the VAX to have actually been evaluated by B1 by NCSC according to TCSEC. I don't know what's become of them since that, or whether there was ever and Alpha port.
I note that it is "SEVMS for OpenVMS VAX". Meaning it runs on a VAX, not an Alpha ... old stuff, right? [However old that makes me feel. ;-)] AND ... it runs over OpenVMS, per that phrase. If OpenVMS is not B1, then this does not give one a warm'n'fuzzy that something stuck over it will make it so. Eh?
Well, as I mentioned in another message, Argus makes a B1 add-on to Solaris (called Pitbull). It is designed to be F-B1/E3, but is being put in for a higher level. I'm not sure what the current status is. Also, DG/UX is available with a B2 option. I don't know if this is so much an add-on or just a different set of install media. Perhaps it doesn't provide warm fuzzies to put MLS on top of something which isn't. The process does seem to make some subsbitutions in the kernel and applications, though. The real test is how well they stand up to attack and what the performance and convenience cost is. What you never see is any sort of MLS OS that's free. There's been a minute buzz about an MLS OpenBSD, or something similar. I don't know what sort of trial it would be to get it evaluated, but I do think it would be best done as part of the common code base, just conditionally compiled. Because there are quite a few people working on free OSes, it would be important to design everything right the first time. It is intriguing, though.
Current thread:
- Re: Trusted Unices Aren't?, (continued)
- Re: Trusted Unices Aren't? Jeremy Epstein (Oct 23)
- Re: Trusted Unices Aren't? Rick Smith (Oct 28)
- Re: Trusted Unices Aren't? Paul D. Robertson (Oct 29)
- Re: Trusted Unices Aren't? dreamwvr (Oct 29)
- Re: Trusted Unices Aren't? Gordon Greene (Oct 29)
- Re: Trusted Unices Aren't? Jeremy Epstein (Oct 23)
- Re: Trusted Unices Aren't? Joseph S. D. Yao (Oct 27)
- Re: Trusted Unices Aren't? Jeremy Epstein (Oct 23)
- RE: Trusted Unices Aren't? Gregory Perry (Oct 28)
- Re: Trusted Unices Aren't? ark (Oct 23)
- Re: Trusted Unices Aren't? Gordon Greene (Oct 27)
- Message not available
- Re: Trusted Unices Aren't? Gordon Greene (Oct 29)
- Re: Trusted Unices Aren't? Gordon Greene (Oct 27)
- Re: Trusted Unices Aren't? Gordon Greene (Oct 29)