Firewall Wizards mailing list archives

Re: Re: Trusted OS...


From: "Marcus J. Ranum" <mjr () nfr net>
Date: Tue, 28 Mar 2000 14:07:27 -0500



Paul McNabb wrote:

> Yes, I classify Sidewinder on BSDI as a trusted OS (in addition to the
> LOCK stuff), because it implements a mandatory access control policy
> which is universally applied and it provides the ability to control
> privilege operations, both of which are defining characteristics of a
> trusted OS (along with the design/implementation process that is intended
> to meet evaluation criteria).  The fact that domain type enforcement is
> not a Bell-LaPadula model doesn't eliminate it from the running.


No, I wasn't eliminating DTE because it's not Bell-LaPadula. I was
questioning whether or not it's really a trusted O/S because what
they did was take a commercial O/S and jam some trusted features
into it. You know as well as I do that doing so does not automatically
make the whole O/S trustworthy. I never managed to pin them down
as to what degree of other review of the O/S they performed. Various
sources told me "little to none."  When you're building a trusted
operating system, you go over the whole thing - it's a more involved
process than (ahem!) just slapping a few function calls in front of the
jump table on file system and socket system calls.

One of the reasons LOCK was such a humongous project was
because Secure _did_ try to build a trusted operating system. When
they built Sidewinder they looked at what it would take to make a
firewall run on a _real_ trusted O/S and decided that they'd just
slap a few features from LOCK into BSDI. I was at TIS at the
time and also looked at putting a firewall on Trusted Xenix. ;)
So the same logic went through my head. Those darned trusted
O/Ses are so clunky to work within that it's a nightmare. Simply lifting
a few nice features from them into a decent O/S is about the
only way to go.

That being said, BSDI is a better O/S than most of the trusted
operating systems, anyhow. ;)

> What is "orange book fairy dust"?

Orange Book Fairy dust is what you sprinkle on top of
an ordinary commercial O/S like BSDI in order to make
your customers think they're getting a real trusted
operating system that was designed from the ground
up to be secure. It's synonymous with marketing
hype. ;)

mjr.