Hello all, I am under the impression that LAuS will not be ported forward to newer kernels --- 2.6.10+. Is this correct? Also, I understand that RedHat's auditing system has made it into the vanilla kernel. How does this affect the CC-EAL4+ certification? Essentially, the certification will not be valid in any extent past kernel 2.6.5 correct? I was hoping to acquire CC-EAL4+ equivalent security functions and measures within the 2.6.17 kernel. Has there been any precedence or discussion about this aspect of previous kernels from the SLES parentage moving forward to newer releases? Thanks. Thomas
Hello all,
I am under the impression that LAuS will not be ported forward to newer kernels --- 2.6.10+. Is this correct?
Also, I understand that RedHat's auditing system has made it into the vanilla kernel. How does this affect the CC-EAL4+ certification? Essentially, the certification will not be valid in any extent past kernel 2.6.5 correct? I was hoping to acquire CC-EAL4+ equivalent security functions and measures within the 2.6.17 kernel. Has there been any precedence or discussion about this aspect of previous kernels from the SLES parentage moving forward to newer releases?
That's right. laus was designed and implemented for compliance with the requirements of the Controlled Access Protection Profile. Red Hat did the same for the audit subsystem that was merged upstream, but unfortunately, it wsn't fit for CAPP compliance. Later, late last year and early this year, improvements have been made to be CAPP compliant by taking elements from laus and merging them with the upstream implementation. This was signal enough for us to abandon laus for SLES10 (this happened during and after 10.0) in favour of what is present in the upstream kernel. SLES10, though, is missing some small features that will make it CAPP compliant. It is planned to integrate them into the code base over the next few months.
Thanks. Thomas
Thanks,
Roman.
--
- -
| Roman Drahtmüller
participants (2)
-
Roman Drahtmueller
-
Thomas Jones