[redhat-lspp] Re: Separation between secadm and sysadm problem????

Klaus Weidner klaus at atsec.com
Wed Mar 15 00:53:25 UTC 2006


On Tue, Mar 14, 2006 at 06:04:19PM -0500, Steve Grubb wrote:
> On Tuesday 14 March 2006 17:35, Klaus Weidner wrote:
> > It's ok, LSPP and RBAC still assume trustworthy admins. There should be
> > some reasonable audit records about these actions though, and as you say
> > the documentation should point out the enforcement limitations.
> 
> I guess we are wondering about how to split up the access. Is there any 
> guidance on that or just do whatever 'cause it doesn't matter? How things get 
> split up will affect the documented procedures.

My previous mail didn't really answer your question... The LSPP and RBAC
protection profiles don't go into any real detail about specific
requirements for such roles, so from that point of view you could do a
fairly arbitrary split. The specific actions I listed in the previous
mail were just suggestions and largely based on how I understand the
current separation, and not specifically from any standard.

A straightforward policy where the roles aren't too tangled up would of
course have the advantage of being easy to document and understand. Doing
it in a way that's useful to end users is optional from a certification
point of view but recommended, and that's where user input would be
helpful.

-Klaus



