SELinux Panel at FOSE in Washington
Tony Stanco writes: "Newsforge has an article on what happened at the Security Enhanced Linux panel in Washington about certification under the Common Criteria for Information Technology Security Evaluation standard."
From the article:
"Microsoft is currently trying to get the EAL4 for its Windows 2000 OS, and Dean argues that for Linux to be competitive at places like government agencies, where security ratings are used as a big evaluation tool for buying technology products, SELinux also needs the EAL4 rating."
While I can certainly understand the value derived through attaining a prestigious security rating such as this and truly advocate this undertaking as I believe it will benefit OSS as a whole, I have a hard time believing that is a necessity in terms of staying competitive with M$ Windows.
With the rather suspect security record (to say the least...) of the Windows operating system, I could never fathom a security conscious sect of the government ever selecting Windows in lieu of a POSIX compliant OS such as Unix (or Linux, FreeBSD, etc...) that is designed specifically with security in mind. Even more, I would be quite suspect of any organization that would actually certify the operating system as being secure!!!
Though Windows 2000 may win in a consumer-based market or even that of a commercial world due to its many bug-ridden features, these same traits open it up for failure in any truly security conscious environment...
At least, that would be my view on the matter...
Beer is proof that God loves us and wants us to be happy. -- Benjamin Franklin
Crispin
----
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc.
Immunix: Security Hardened Linux Distribution
Available for purchase
Being a government contractor (Army) I totally welcome this.
I am in an NT shop and have a lonely Linux box that I managed to get in because I was able to show a couple of apps that the front office greensuiters thought were really neat and they said I could put one up (hooray!).
I was depending on providing more and more functionality as my sole method of bringing in more Linux, but now I can just go to the green suiters (who know NOTHING of technology) and say "Look, NSA did this".
Being good military men, I can hear them now "If it's good enough for NSA, no problem".
Like the poster on Newsforge said "I never thought I'd say this but 'Thanks NSA!'".
If you're in government and trying to push more open source, this may be just the 800 pound gorilla you need in your court.
NSA quite possibly may do more for open source in government than anyone. Sure is going to help my case out!