Re: Linux security compliance
From: Steve Bremer (steveb_at_nebcoinc.com)
Date: 11/01/04
- Previous message: Carl Holtje: "Re: Linux security compliance"
- Maybe in reply to: Vincent IP: "Linux security compliance"
- Next in thread: Russell, Daniel: "RE: Linux security compliance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 01 Nov 2004 11:38:09 -0600 To: <focus-linux@securityfocus.com>
Vincent,
>>I am searching for any information that if Linux is compliant to C2
or
Command Criteria. However, I could find any good references in the
web.
You probably won't find anything related to C2 since it's being phased
out in favor of common criteria. But to answer your question, Linux
does not meet C2 by default.
>>Do you know if there are any good guidelines/documents talking about
how
to make Linux a trusted system?
Suse and Red Hat have both had there systems certified for Common
Criteria CAPP. I don't recall Red Hat's EAL level, but SLES 8 was
certified EAL 3+.
Here is a link to a document describing how to configure SLES 8 to meet
the CAPP/EAL3+ certification:
http://www.suse.com/de/security/eal3/SLES8_EAL3_SecurityGuide.pdf
Hope this helps,
Steve Bremer
NEBCO, Inc.
Systems & Security Administrator
- Previous message: Carl Holtje: "Re: Linux security compliance"
- Maybe in reply to: Vincent IP: "Linux security compliance"
- Next in thread: Russell, Daniel: "RE: Linux security compliance"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
