Re: More PATH fallout. Who decided this was a good idea?
- From: Steve Grubb <sgrubb redhat com>
- To: fedora-devel-list redhat com
- Cc: Jesse Keating <jkeating redhat com>
- Subject: Re: More PATH fallout. Who decided this was a good idea?
- Date: Sun, 7 Dec 2008 12:14:24 -0500

On Sunday 07 December 2008 11:51:33 Jesse Keating wrote:
> I have yet to see anything in your definition of CAPP that adds real
> security to our system.

I didn't attempt to explain CAPP; that would be a book or at least a big
chapter in a book. What I attempted to explain is the parts of it that apply
to user account management.

> What I get out of it so far is "If all the admins play nice, we can track
> what they're doing". But if admins stop playing nice, all bets are off.

True. To track a hostile admin requires meeting yet another Security Target.
You need

1) Remote audit logging - we have that
2) Separation of roles such that a security officer and an admin role exist - we have that.
3) Keystroke logging - we have that

These are called out for in higher security standards. The higher standards
typically extend the lower standards.

> What value does that add to Fedora systems?

CAPP basically says you have a normal unix system. As the threat increases,
you have to take different steps to counter it. We have a layered security
approach that lets you tailor the counter-measures to the perceived threat.

-Steve