On Thursday, January 18 2007 7:07 pm, Casey Schaufler wrote:
> --- Klaus Weidner <[EMAIL PROTECTED]> wrote:
> > The current system doesn't specifically support single label interfaces
> > without labeled networking.
>
> That would imply that all networks are multilabel with labeled networking.

I believe that is the assumption for the current LSPP evaluations, like it or not.

> > The sshd implementation does support level selection when not using
> > labeled networking, but obviously people will need to use labeled
> > networking when they expect MLS constraints to be enforced on their
> > network communication.
>
> That is unfortunately not the case. People will expect to hook their MLS
> box onto a network with *gasp* Windows boxes, and expect to be able to log
> into the MLS box from the Windows boxes. If your sshd allows someone to
> log in at two different labels from the same Windows box I expect that you
> will have an issue with your evaluators because you have a device (e.g.
> eth0) that does not enforce MLS policy.

Well, considering that we assume only labeled networks/interfaces then we don't really ever run into this problem - if a machine is on the network it is sending labeled packets. If you have unlabeled networks you will need to put some sort of guard/barrier/router/firewall in place.

I realize this is far from ideal, but I tend to think it's a reasonable first step. There are some things this first round of LSPP evaluations are not going to cover, but you have to draw the line somewhere (there is some old adage about shooting engineers, I can't remember it as I try to block it out). I'm confident we'll get it "right" but it's going to take some time. In the meantime we've still managed to pull something together which works, will be (knock on wood) RBAC/LSPP certified, and is somewhat useful. This stuff ain't easy - you of all people know that I'm sure :)

--
paul moore
linux security @ hp

--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
