Linux and DII/COE Compliance?

swestbrook asks: "I would like to know if there are any efforts out there to submit a Linux distribution or the kernel at large for U.S. governmental testing to see if it will be certified to be Defense Information Infrastructure Common Operating Environment (DII/COE) compliant. I am a program manager for a very small program in the U.S. Air Force and would like to be able to use Linux as a possible platform for my standard systems. However, I cannot because regulations require me to use only operating systems that are DII/COE compliant. Information on DII/COE compliance can be found at here. Until it is officially certified I can not rehost applications on a Linux platform. Any information would be greatly appreciated."

Look at the linux kernel list

[handorf]

IIRC, this is a fairly recurring topic on the linux kernel list. Do a search at any of the searchable archives and I'm sure you'll find the ongoing arguement (last time I checked).

Alternately, for a summary, check out Kernel Traffic.

DII-COE Rants, etc...

[merricks]

-UNCLASS-

I work as a DoD contractor supporting many HP/UX 10.20 and Solaris 2.5.1 based DII-COE 3.x systems. As far as DII-COE 4.x systems go, HP/UX will either up to 11.x or go away. The de-facto target Unix platform for DII-COE 4.x is Solaris 8, but the latest beta is on Solaris 7. I've heard rumors within DISA that a couple of rouge programmers have compiled a somewhat functioning COE under linux. Keep in mind that DII-COE 3.x is tightly integrated with CDE (4.x will be more abstracted). Alot of the DII-COE stuff is done at NASA's JPL, so you if you know any people there, push it. For now, if you want to start coding DII-COE apps that would have a GUI toolkit which ports easily to Linux, think about using GTK+. I am in the process of submitting the GTK+ and GLIB 1.2.8 (for Solaris 2.5.1) to DISA for acceptance as an official segment. After the initial acceptance, I will work on getting segments published Solaris 7 and HP/UX 10.20 also.

-UNCLASS-

Linux and DII/COE compliance...

[Penguin_99]

I work for a large government contractor and just, today, returned from a DII/COE training seminar. I had a similar question regarding Linux and DII/COE compliance and this is what I came up with...

As of right now the major DII/COE compliant systems are Solaris, NT4, HP-UX and IRIX (which just recently was approved by DISA). The reason that Linux is not and will never (as long as the DII/COE rules stay they way they are) be DII/COE compliant is because it is open-source. One of the big things with DII/COE is that you can not get into the source code and "tweak" it thereby comprimising the integrety of it. The open-source nature of Linux sets off a red flag, to most government officals, that says "UNSECURE." For obvious reasons security is a big factor for the government and therefor is something the government takes extremely seriously and is evident from this quote right from the DII/COE SRS...

"The use of TFTP could create an unsecure state on the system and could be used to provide a distribution point for hacker files, pornography and pirated software."

Also, I noticed that some others were asking why NT was one of the DII/COE compliant systems, well read on... One of the reasons NT4 is DII/COE compliant, and this provides a humorous anticdote, is because of the Navy. A few years back the US Navy decided that instead of using UNIX based systems it wanted to use NT. So it spent several million dollars outfitting a battleship with NT servers and software. When the ship was finally completed it set sail for a week long trial run. A mile from port one of the NT servers "blue-screened" and froze up the entire ship. In fact, they had to send out a couple tug boats and tow the ship back to port.

Hope that helps....