[redhat-lspp] Re: LSPP/RBACPP requirements v.006
George C. Wilson
ltcgcw at us.ibm.com
Thu Jan 26 19:55:49 UTC 2006
On Thu, Jan 26, 2006 at 01:26:41PM -0500, Steve Grubb wrote:
> On Thursday 26 January 2006 12:53, Linda Knippers wrote:
> >> Item 07) Mentions init in the description, no mention of init in
> >> implementation section...so I don't know what this is.
> >
> >It also mentions the CUPS client may be a candidate, but item 4 talks
> >about CUPS. Is the point of item 7 to audit role transitions and
> >we thought init and CUPS might do that? Or is this item to look through
> >all SELinux-related trusted programs to make sure they meet the audit
> >requirements as specified in the protection profiles?
>
> I think it's to look through the programs and add audit instrumentation. I can
> understand CUPS client, but I don't know what was supposed to be instrumented
> in init.
>
- Yes, item 7 is a catchall to ensure we hook every userspace program that
requires instrumentation. When Steve and I discussed this last, newrole and
init were the only candidates. The init issue was to emit an audit record on
failure to load the policy, I believe. This may already be covered at a lower
layer--I'm going to try it now.
- Item 4 covers audit of CUPS explicitly, a la audit of print. I'll remove the
CUPS client from item 7. I believe it was there because we are
only auditing from the server and we thought that might not be sufficient.
- Item 5 is once again a catchall to make sure we cover items that don't have
their own specific task. There may be no additional items.
- The forthcoming post will reflect 30's status after Monday's meeting. v006
contains pre-meeting information as I needed to get something out.
- I'll split item 32 into two tasks.
- I'll incorporate the other updates.
Thanks for all the comments. I will make the changes this afternoon and repost
to the list and Russell's wiki.
--
George Wilson <ltcgcw at us.ibm.com>
IBM Linux Technology Center