A levelezőm azt hiszi, hogy Casey Schaufler a következőeket írta: > > Don't blame me if/when Linus shows you the door, and *defintely don't* > > tell Linus that I said he should accept audit :-) > > Awe. No, I don't blame anyone. It's completely > reasonable that those who back a cause should fight > for it, banding with allies where it's mutually benifitial > and accepting when they differ. Well, you can tell Linus that _I_ said that he should accept audit (not as it would be a great reason...). Having LSPP functionality in access control and less than CAPP in audit seems a bit unbalanced. And full LSPP is a very easy route to world domination: trend in security now points toward using Cobit and BS7799 for the organisational and management side, and CC in the technical side, with the two side in tight integration. On the technical side the general-purpose and OS profiles are CAPP and LSPP. This setup is logical enough to beat it through your management (I did it). Now start a tender for aquiring operating system. The results: -any windows: below the threshold -any unix vanilla: somewhere near CAPP, EAL2-EAL3 -trusted Linuxen: somewhere near LSPP, EAL2-like -trusted unixen: LSPP, EAL4 Well. Now take a look at the price tag:) I talk from experience. -- GNU GPL: csak tiszta forrásból _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Jan 31 2003 - 09:13:30 PST