[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux audit v. Solaris audit



--- "Sponsler, Mike" <sponslerm netcsc com> wrote:

> From: "Sponsler, Mike" <sponslerm netcsc com>
> To: linux-audit redhat com
> Date: Thu, 16 Mar 2006 17:12:45 +0000
> Subject: Linux audit v. Solaris audit
>

> Is the audit daemon for linux similiar to the audit
> daemon for solaris
> 10?  Specifically does it do BSM auditing?

BSM is Sun's way to say "C2" without actually
commiting to completely meeting the C2
requirements. C2 is the archaic security
specification that is the basis for the Common
Criteria Controlled Access protection Profile
(CAPP). Linux Audit is designed to exceed the
CAPP requirements.

BSM and Linux Audit are independent*
implementations of facilities that are
intended to meet the same need. BSM
is older and based on older criteria.
Linux Audit is newer and based on
modern (as of today) criteria. The two
mechanisms take different approaches
to the problem, but in the end are
more similar than they are different.**

------
*   Well, there hasn't been much direct carry over.
** I wrote the original SunOS4.0 audit code.
    The two schemes are not that different.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]