[redhat-lspp] File Integrity Tests from RBAC
Stephen Smalley
sds at tycho.nsa.gov
Thu Sep 29 18:06:21 UTC 2005
On Thu, 2005-09-29 at 14:03 -0400, Steve Grubb wrote:
> Hello,
>
> I was wondering how we were planning to address these items in the RBAC specs:
>
> >FPT_TST.1.2 The TSF shall provide authorised users with the capability to
> >verify the integrity of TSF data.
>
> >FPT_TST.1.3 The TSF shall provide authorised users with the capability to
> >verify the integrity of stored TSF executable code.
>
> Is this traditionally done with something like tripwire? What other solutions
> do we have to this? If we use rpm --verify, it is likely to complain about
> all the chmods that were done to meet the security target.
Is tripwire able to deal with prelink'd binaries? At one time, it
wasn't, so it would report them as all modified after the first prelink
run from cron. rpm -V handles it correctly.
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list