>>None. Unlike what you say, Unix systems do not have such ratings by
>>Some vendors make C2 additions which typically amounts to adding
>>logging features to the system (and leaving all the insecure parts of
>>the system intact).
>>Many of us feel that C2 has nothing to do with security. Regarding at
>>least this level, the DOD appears to live on a different planet, where
>>security has to do with accountability and activity logging.
>>To us, security means people can't manipulate the system into doing
>>something it was not configured for. We think that is what most
>>people really want, when they say "security".
>>And do they have a security classication >for that? No, they don't.
>Sorry, I've never read the Orange Book, but I assumed it was the standard
>rating system in the field. I also assumed it required more in the way of
>general security to earn high ratings.
It does, but real security doesn't really appear until you get to B.
The exhaustive test suite we had to do for the Multics Trusted Computing
Base (approximately analogous to a Unix kernel) to get the first B2
rating awarded really did help demonstrate Multics security (and find
a few bugs in the process). Basically, we had to feed all kinds of
data to each and every entry point into the TCB.
(BTW, Multics was distributed with full source code, mostly in PL/I,
starting back in the 1970's. All development work was documented,
peer reviewed and tested prior to even submission for production
release. See http://www.best.com/~thvv/multics.html)
Unsolicited bulk email charge: $500/message. Don't send me any.
PGP Fingerprint: 0C1F FE18 D311 1792 5EA8 43C8 7AD2 B485 DE75 841C