[redhat-lspp] Re: LSPP/RBACPP requirements v.006

[Linda Knippers]

My comments include comments on Steve's comments.

> Item 07) Mentions init in the description, no mention of init in 
> implementation section...so I don't know what this is.

It also mentions the CUPS client may be a candidate, but item 4 talks
about CUPS.  Is the point of item 7 to audit role transitions and
we thought init and CUPS might do that?  Or is this item to look through
all SELinux-related trusted programs to make sure they meet the audit
requirements as specified in the protection profiles?

> Item 16) Status: please add "needs packaging"

It also needs the audit changes that are mentioned in 5) so should
be mentioned here unless 5) is strictly for device allocation.  Is
anything other than device allocation covered by 5) that isn't
covered under other specific item?  Printing and archive tools each
have their own item.

I assume Item 30) status will be updated based on the discussion
we had on Monday.  I think we're no longer investigating tripwire,
for example.  The details would be in Debora's notes.  Are we still
looking for a volunteer to work on this?  Steve is listed as the owner
but I don't know if that's because he's working on it or he's the
default owner.

Regarding item 32), this may be a nit but I think having test cases and
incorporating them into LTP are two separate things.  I have nothing
against LTP but we have some test cases that are in a different
framework and we'd likely make the framework available with the tests
rather than incorporating them into LTP.

It would be nice to talk about 33) at some point.

-- ljk