Re: C2 Certification
> My name is Jasmine Chan and I was wondering which packages of Linux is C2
>Certified. And if they are not, is there any steps taken to make Linux C2
>certified. Thanks in advance for your help.
As I understnad it, C2 certification must be granted by a certifiacation
authority; there is no checkliust that a developer can go over in order
to declare his own code C2.
Of course, you have to _pay_ to get someone to test your system to
see if it is C2 secure.
There are several things that (AFAIK) Linux does not do that C2 requires.
ALso, there are some things about unix that must be disabled before C2
could ever be reached. The fact that root cannot be locked out of any file
is a definite no-no ; C2 does not have a 'superuser' concept. The kernel
must actively prevent one uer from seeing any of another user's data-
this means cleaning deleted filers from the HD, bzero'ing memory when a
process terminates (or when the memory is allocated, obviously), etc.
I believe that 'su' is also agains thte grain of C2.
In short, if you _require_ C2, then you won't be able to use Linux any