More PATH fallout. Who decided this was a good idea?

Steve Grubb sgrubb at
Sun Dec 7 17:14:24 UTC 2008

On Sunday 07 December 2008 11:51:33 Jesse Keating wrote:
> I have yet to see anything in your definition of CAPP that adds real
> security to our system.

I didn't attempt to explain CAPP, that would be a book or at least a big  
chapter in a book. What I attempted to explain is the parts of it that apply 
to user account management.

> What I get out of it so far is "If all the admins play nice, we can track
> what they're doing".  But if admins stop playing nice, all bets are off.

True. To track a hostile admin requires meeting yet another Security Target. 
You need 

1) Remote audit logging - we have that
2) Separation of roles such that a security officer and an admin role exist - we 
have that.
3) keystroke logging - we have that

These are called out for in higher security standards. The higher standards 
typically extend the lower standards.

> What value does that add to Fedora systems?

CAPP basically says you have a normal unix system. As the threat increases, 
you have to take different steps to counter it. We have a layered security 
approach that lets you tailor the counter-measures to the perceived threat.


More information about the fedora-devel-list mailing list