[redhat-lspp] LSPP/RBACPP requirements v.017
George C. Wilson
ltcgcw at us.ibm.com
Tue May 16 00:29:26 UTC 2006
Please find the latest development status attached. Tasks marked 100% are
complete. I'll start pulling them either into a separate list, or filtering
them out entirely, depending on what the community prefers.
--
George Wilson <ltcgcw at us.ibm.com>
IBM Linux Technology Center
-------------- next part --------------
01 Audit record augmentation
Description: Augment audit records with additional LSPP & RBACPP
attributes: subj and obj labels; roles, host identity,
event type, and access types where available.
Implementation: Add additional SELinux fields to audit records.
Status: Patch upstream; needs test.
Upstream: Red Hat, lkml
%: 99
Owner: Kirkland, Dustin
Org: IBM
02 Audit of additional events
Description: Add additional instrumentation to kernel and userspace,
particularly for user data import/export; catchall for
issues not covered elsewhere. May include new audit record
types for: sub, obj, anomalies, responses.
Implementation: Additional events have been added where necessary.
Status: Need to identify remaining gaps.
Upstream: Red Hat, lkml
%: 90
Owner: Grubb, Steve
Org: Red Hat
03 Audit of network events
Description: Add hooks to IPsec implicit packet labeling. Needs to
include audit by network address.
Implementation: Should mostly be covered by existing AVC audit records. May
need to document that network configuration changes
require reboot (per @sec). DHCP should be disallowed.
Status: Agreed that this is covered at SELinux Summit.
Upstream: netdev, lkml
%: 100
Owner: Kirkland, Dustin
Org: IBM
04 Audit of print events
Description: Instrument CUPS.
Implementation: HP completed a new CUPS patch and discussed extensively on
this list.
Status: Patch needs to go upstream to CUPS list; depends on print
patch.
Upstream: CUPS mailing list
%: 95
Owner: Anderson, Matt
Org: HP
05 Audit of other import/export events
Description: Audit of device allocation + audit of devices not covered by
dev allocator hooks or existing AVC audit records.
Implementation: Add audit hooks for device allocator and other relevant
device-related events.
Status: Consensus is this is already covered. Device allocator
audit needs test.
Upstream: Device allocator project; Individual dev mailing lists
%: 99
Owner: Velarde, Debora
Org: IBM
06 Audit of user and role modifications
Description: Must audit tools that modify users and roles in flat file
implementation. Includes passwd. Utilities upon which
this depends covered in separate task.
Implementation: Red Hat will be writing the user and role tools. Ensure that
audit records are generated.
Status: Needs test.
Upstream: mlsutils package
%: 100
Owner: Walsh, Dan
Org: Red Hat
07 Audit instrumentation of trusted programs, including
SELinux tools
Description: Analyze userspace and identify those programs that require
audit hooks and trusted program modification. At the
moment, looks like only init and newrole need to be
instrumented--others are audited by kernel.
Implementation: Instrument newrole for audit, make it suid, and drop
capabilities other than audit append.
Status: No new trusted programs identified lately; identify any
remaining gaps.
Upstream: SELinux list, kernel community
%: 90
Owner: Grubb, Steve
Org: Red Hat
08 Audit-fs completion
Description: Completion of auditfs patch.
Implementation: Implementation in progress by Amy.
Status: Patches are incorporated into development kernel. Inotify
integration is still ongoing.
Upstream: fsdevel, lkml
%: 85
Owner: Griffis, Amy
Org: HP
09 Audit filtering in kernel or daemon with additional LSPP &
RBACPP attributes--Selective Audit
Description: Add kernel or daemon audit filtering to CAPP audit. Solution
must filter/suppress records based on all available LSPP &
RBACPP attributes: obj and subj labels, object identity,
role, hostname, event type, and access type.
Implementation: Red Hat, IBM, and HP have posted patches that allow filtering
on various criteria.
Status: Most all filtering should be in place.
Upstream: lkml
%: 95
Owner: Grubb, Steve
Org: Red Hat
10 Audit browse, sort, search (ausearch) with additional LSPP
& RBACPP attributes--Audit Selection
Description: Create command line browse utility. Must include all
available LSPP & RBACPP attributes: obj and subj labels,
object identity, role, hostname, event type, and access
type. Note there is no X-window System in certified
configuration.
Implementation: An ASCII version exists.
Status: ASCII ausearch w/sub and obj labels implemented; API
proposed on list; binary record format being discussed.
Upstream: Red Hat
%: 95
Owner: Grubb, Steve
Org: Red Hat
11 DAC policy and function
Description: Existing DAC mechanisms should cover; ensure all objects
are covered and ensure owner, perm bits, ACLs are
appropriate.
Implementation: Should already be covered.
Status: Needs to be analyzed to ensure complete coverage. This is
really an assurance issue.
Upstream: What, if anything, is specific to the certification RPM?
%: 99
Owner: Wilson, George
Org: IBM
12 MLS policy and function
Description: SELinux MLS function and base MLS policy provide
foundation; ensure the MLS policy correctly deals with
trusted processes, overrides, restrictions on
import/export, VFS polyinstantiation; requires
extensive testing.
Implementation: NSA, TCS, Tresys, Red Hat, and others have posted patches.
Status: Red Hat has incorporated MLS policy into Rawhide and ported
it to reference policy. There are still kinks to work out.
Upstream: SELinux mailing list, Red Hat MLS policy RPM
%: 90
Owner: Walsh, Dan
Org: Red Hat
13 IPsec labeled packets: Base patch
Description: Indirect packet labeling based on mapping IPsec SAs to
SELinux security contexts; AH-only with physical network
security reduces/eliminates FIPS crypto cert
requirements.
Implementation: Trent Jaeger / IBM posted patch to netdev. They plan to
continue working this item.
Status: Requires documentation, and additional stress and
interoperability testing.
Upstream: netdev, lkml
%: 99
Owner: Jaeger, Trent
Org: PSU
14 Labeled print
Description: MLS labels required on banner pages, headers, and footers.
Implementation: There have been a couple of iterations on this. Current
thinking is to use untrusted CUPS server to feed a trusted
CUPS server as scaled image.
Status: Matt is now working on the trusted server. Plans to post new
patch soon.
Upstream: CUPS mailing list
%: 85
Owner: Anderson, Matt
Org: HP
15 VFS polyinstantiation
Description: Namespaces unshare() syscall patch and PAM exploitation of
it.
Implementation: NSA posted polyinstantiation patch. Red Hat has been working
on namespaces extensively. IBM has posted unshare syscall
patch and PAM integration patches.
Status: Namespaces module and config file need manpages.
Upstream: lkml, pam-list
%: 99
Owner: Desai, Janak
Org: IBM
16 Device allocation
Description: Device allocation patch posted by TCS + enhancements,
and/or forced relabeling upon device insertion; requires
testing. Functions: authorization, synchronization,
device node context assignment, eject/close.
Implementation: TCS posted framework patch. HP posted policy for it.
Status: Needs to be packaged. Does not do mounting--consensus is
that is OK.
Upstream: Device allocator SF project
%: 95
Owner: Hanson, Chad
Org: TCS
17 Test and possibly restrict file archivers
Description: star already maintains xattrs; zip/unzip patched to
support xattrs. Need to restrict to the admin. Enhancements
to other archivers exceed LSPP reqs.
Implementation: IBM has added xattr support to zip/unzip, which did not make
the cutoff date.
Status: Need to test star w/MLS and ensure policy is correct.
Upstream: archiver maintainers for modifications; selinux list for
policy
%: 95
Owner: Velarde, Debora
Org: IBM
18 Disable udev & hotplug after boot (was Device labeling via
udev)
Description: Current thinking is to disable udev & hotplug after boot.
(L/FDP_ETC, FDP_ITC) See also item 37--Disable DBUS after
boot.
Implementation: Disable hotplug after boot for the evaluated config. This
involves investigation and modifications to init scripts
for evaluated configuration.
Status: Init script mods need to be incorporated. Debora documented
the results and posted init scripts prototype.
Upstream: Red Hat Certification RPM
%: 95
Owner: Velarde, Debora
Org: IBM
19 Label translation
Description: Translation of sensitivity labels into human-readable
form.
Implementation: libsetrans incorporated into SELinux.
Status: libsetrans is upstream; requires test.
Upstream: SELinux list
%: 100
Owner: Walsh, Dan
Org: Red Hat
20 Mail
Description: User mail required for admin mail only, probably only cron.
Possible solutions: multi-level MTA, admin-only MTA,
direct procmail invocation; direct delivery by cron into
poly'd directories. Complete solution may be interesting
but is not a requirement.
Implementation: Modify cron to accept new mailer; use modified mailer to
deliver cron output.
Status: Cron has been modified to pass in a mailer; cannot use mailx as
is; need to determine delivery mechanism (wrappered mailx
or procmail).
Upstream: No central cron maintainer; Red Hat will carry cron patch;
need cron configuration for certification RPM.
%: 25
Owner: Desai, Janak
Org: IBM
21 Multilevel xinetd
Description: Patch xinetd to obtain label from inbound connections and
spawn child daemons with correct context. Will have to be
documented as trusted program.
Implementation: TCS has posted a patch. Trent also has a student working on an
implementation.
Status: Steve Grubb has some issues w/patch. Trent's student's
patch execs children at the right level. Trent to post patch.
Any concern about DAC attributes or MLS connection ranges?
Upstream: Steve Grubb, xinetd list
%: 65
Owner: Hanson, Chad
Org: TCS
22 Multilevel sshd
Description: Patch sshd to spawn child processes with correct context.
Implementation: This may be possible by simply patching PAM module.
Status: sshd needs to be tested with xinetd. Looks like we will not
need this with xinetd approach. Composition with
multilevel xinetd requires test. Will privilege
separation cause problems?
Upstream: openssh-unix-dev
%: 0
Owner: Latten, Joy
Org: IBM
23 Multilevel cron
Description: TCS posted polyinstantiation-aware Vixie cron; TCS
approach useful, but useful only for MLS labels and
dependent on TCS polyinstantiation mechanism. Comments on
redhat-lspp suggest extending cron/crontab protocol to
support security context.
Implementation: TCS posted the patch; IBM is working to integrate with
namespaces-based polyinstantiation.
Status: Janak is waiting to hear back from maintainers. Janak has
posted an updated patch that changes the cron protocol per
his writeup; needs test.
Upstream: Patch should be in rawhide soon. No central cron
maintainer--Janak is sending to all distro cron
maintainers per Stephen Smalley. Distros will have to carry
the patch.
%: 95
Owner: Desai, Janak
Org: IBM
24 Multilevel at
Description: Base at work on multilevel cron.
Implementation: Open; IBM and TCS are likely interested in this as they have
been working on cron.
Status: This work is folded in with cron. Needs test.
Upstream: Red Hat will carry patch for evaluated configuration.
%: 95
Owner: Desai, Janak
Org: IBM
25 Multilevel tmpwatch
Description: Patch tmpwatch to handle polyinstantiation.
Implementation: Very likely only manpage changes.
Status: Janak has performed initial investigation; no code changes
should be necessary.
Upstream: tmpwatch maintainer
%: 90
Owner: Desai, Janak
Org: IBM
26 Multilevel slocate
Description: Slocate needs to be removed from evaluated configuration.
Implementation: Ensure removal from evaluated configuration package list.
Status: Consensus at last discussion is to remove from package list.
Upstream: Ensure this is removed by the Red Hat Certification RPM.
%: 99
Owner: Grubb, Steve
Org: Red Hat
27 Revocation of user and object attributes
Description: Killall with user and context matching and wrapper script to
lock account and kill all user processes. Similar approach
can be taken with fuser.
Implementation: George has psmisc patch to be posted. Needs to use auid and
document regex caveats as well.
Status: George will re-port killall auid patch and rewrite the user
revocation script in python. Obj revocation will be
procedural.
Upstream: psmisc sf project, Red Hat certification RPM
%: 75
Owner: Wilson, George
Org: IBM
28 Useful role definitions
Description: Define a useful set of roles in the MLS policy. The admin roles
should be separated. Consider including a crypto admin
role. Ensure each override is accessible through at least
one role.
Implementation: Red Hat added role separation to MLS policy with input from
TCS. However, because the policy must be static in the
evaluated config, the user admin tool will be used to assign
roles to users.
Status: Now we have sysadm and audadm. Additional flexibility
exists with policy modules, including overrides. Need to
document role assignment procedure.
Upstream: selinux list
%: 90
Owner: Wilson, George
Org: IBM
29 Management of users and roles in flat file
Description: Create command line tools to manage and audit users and roles
in flat file separated from base MLS policy. Actions need to
be audited, which is covered in a separate task.
Implementation: Red Hat has been working on flat file user and roles
implementation.
Status: Red Hat posted user and roles in flat files documentation.
Tools need to be created and instrumented with audit hooks.
Upstream: Red Hat mlsutils package
%: 100
Owner: Walsh, Dan
Org: Red Hat
30 Self tests
Description: Define a simple set of tests that can be run periodically by an
administrator or cron job that demonstrates correct
operation DAC and MAC policies, and verifies integrity of
configuration files, including SELinux policy. Tests
shall produce audit records.
Implementation: Permission and label checks via script, binary integrity
validation via rpm -V, check enforcing.
Status: George needs to incorporate feedback from list; wrote
manpage. Needs additional SELinux checks, manpage, and
test. Policy integrity verification and versioning would
be nice, but are not in scope.
Upstream: Red Hat Certification RPM
%: 65
Owner: Wilson, George
Org: IBM
31 I&A
Description: All these requirements are similar to CAPP. Augment tests to
account for sensitivity labels.
Implementation: Needs to be tested for certification.
Status: This is assurance work to verify I&A functionality.
Upstream: LTP?
%: 99
Owner: Desai, Janak
Org: IBM
34 Ensure all named objects are covered by DAC & MAC
Description: Objects shall include: files, named pipes (fifo), sockets,
devices, shared memory, message queue, semaphores. New
object: kernel keys - would need man pages, structured
comments, & test cases.
Implementation: Needs complete coverage for certification.
Status: Assurance work; ensure coverage in ST.
Upstream: Red Hat Certification RPM
%: 95
Owner: Wilson, George
Org: IBM
35 Provide minimal number of MAC levels and categories
Description: There shall be at least 16 levels of hierarchical labels and 64
compartments (L/FDP_IFF.2.7). However, we should have 256
compartments per customer requirement.
Implementation: Need to meet minimum specified in LSPP. However, customers
may require more.
Status: Was marked complete. However, customer input at the SELinux
Symposium indicated a greater number of categories is
necessary; ensure coverage in ST.
Upstream: SELinux mailing list
%: 95
Owner: Walsh, Dan
Org: Red Hat
36 Audit record unique session/terminal ID
Description: Events shall contain unique session identifier and/or
terminal.
Implementation: Could be an ID a la loginuid; don't want to add a new one; only
required when available; incomplete coverage; add to audit
records where available.
Status: This work should be complete; ensure complete coverage.
Upstream: lkml, linux-audit
%: 99
Owner: Grubb, Steve
Org: Red Hat
37 Disable DBUS after boot (was Analyze removing DBUS)
Description: DBUS must be either documented and tested, restricted, or
removed. Ideally it will be removed from the ST. See also item
18--Disable udev & hotplug after boot.
Implementation: Remove dbus and see what breaks; discuss with Russell.
Status: Debora completed a report and init script mods. Mods need to
be incorporated.
Upstream: Red Hat Certification RPM
%: 95
Owner: Velarde, Debora
Org: IBM
39 Restrict kernel keyring access
Description: There needs to be a way to restrict the use of the kernel
keyring to the authorized administrator.
Implementation: The restrictions should be defined in the MLS policy, and
DAC, too, if possible.
Status: Ensure restriction in SELinux policy.
Upstream: Red Hat Certification RPM
%: 90
Owner: Walsh, Dan
Org: Red Hat
41 Audit of SELinux booleans
Description: Changing policy booleans is auditable event.
Implementation: SELinux needs to generate audit records when policy
booleans are changed.
Status: Needs test.
Upstream: SELinux list
%: 99
Owner: Grubb, Steve
Org: Red Hat
42 Audit of service discontinuity and fs relabeling (was Audit
of service discontinuity)
Description: Service discontinuity and fs relabeling are auditable
events.
Implementation: Ensure service discontinuities and fs relabels are
audited--bootup, shutdown, SELinux enable, SELinux
disable.
Status: This item needs an owner. Discontinuity should already be
covered; need fs relabel record. Need runlevel records.
Upstream: SELinux list, linux-audit
%: 85
Owner: Grubb, Steve
Org: Red Hat
43 Audit record subject labels for userspace records
Description: When user space message is relayed, add a subject message to
same event.
Implementation: The kernel needs to add the subject label for audit records
generated in userspace because the caller cannot be
trusted.
Status: Needs to get upstream. Tim produced an updated patch; Steve
reworked to use Darrel's i/f.
Upstream: SELinux list, linux-audit
%: 99
Owner: Chavez, Timothy
Org: IBM
44 Fail to secure state
Description: When role data base is offline, corrupt, or inaccessible,
the system shall preserve a secure state.
Implementation: SELinux denies everything by default. So, if the SS, DB, or
policy is unavailable, the system should come to a stop.
Status: Should already be covered by SELinux. Does policy load
failure generate an audit record?
Upstream: SELinux list
%: 90
Owner: Walsh, Dan
Org: Red Hat
45 Maintenance mode for secure recovery
Description: RBACPP stipulates that after a failure or service
discontinuity, the machine shall enter a maintenance mode
whereby the machine can be restored to a secure state. Maybe
config param for rc.sysinit.
Implementation: rc.sysinit change. Need to boot into single user mode for
maintenance after SELinux or audit failure.
Status: Dan Walsh volunteered to push this item. Init already panics
when policy load fails. A configurable option to drop into
single user mode would be nice. Also want something similar
for audit.
Upstream: Red Hat certification RPM
%: 50
Owner: Walsh, Dan
Org: Red Hat
47 Utility to list SELinux roles
Description: User shall have the ability to see list of authorized Roles.
This does not appear to be a strict requirement looking at
RBACPP FIA_ATD.1.
Implementation: This is not required but would be nice to have. Is there already
a way to do this? If not, need a utility for a user to list roles
that he/she can take on.
Status: Nice to have. Determine if this should be removed from
requirements list.
Upstream: SELinux list, Red Hat certification RPM
%: 100
Owner: Walsh, Dan
Org: Red Hat
49 MLS enablement of userspace
Description: All utilities that display contexts shall be updated to
display levels and categories. They shall display the
translated name.
Implementation: Ensure all userspace utilities display levels and
categories correctly. This should already be done. Unclear
that they should always display xlated names.
Status: Should already be covered; requires test.
Upstream: SELinux list, Red Hat certification RPM
%: 99
Owner: Walsh, Dan
Org: Red Hat
50 Utility to compute closure of sub access to objs
Description: Given a file, the Admin shall be able to determine who can
access it. Request from military customers.
Implementation: apol does this graphically for SELinux, but relies on
library to do work. Write command-line utility. Requires
analysis of DAC permissions and SELinux policy.
Status: Reid volunteered to take this item. Nice to have. But there is
customer demand.
Upstream: Red Hat certification RPM
%: 10
Owner: Wightman, Reid
Org: USAF CDS Lab
51 IPsec labeled packets: Userspace ipsec-tools patches
Description: These are the userspace ipsec-tools patches that accompany
the kernel base patch. Includes Venkat's MLS patch for
racoon.
Implementation: Joy Latten and Trent Jaeger modified ipsec-tools to handle
syntax modifications required by kernel base patch. Venkat
produced a patch to handle MLS negotiations.
Status: Dan Walsh pushed to rawhide. Joy has forward ported and
posted the patch. Maintainer is presently swamped. Dan is
pushing from Red Hat side. Still requires incorporation of
Venkat's MLS enhancements.
Upstream: ipsec-tools
%: 90
Owner: Latten, Joy
Org: IBM
52 IPsec labeled packets: Packet context getsockopt() patch
Description: Patch that adds a socket-level getsockopt() to obtain
packets' SELinux contexts.
Implementation: Patch exists to get TCP connection peer security context.
This is insufficient for UDP. Patch rework will be required
to add a peek option.
Status: Needs test and exploitation by xinetd and network audit.
Upstream: netdev, lkml
%: 99
Owner: Zhang, Catherine
Org: IBM
53 IPsec labeled packets: Analyzers
Description: Tcpdump and ethereal need to understand IPsec labels. This
is not an LSPP/RBACPP requirement.
Implementation: Augment tcpdump and ethereal for filtering on labels.
Status: James Antill has taken this item. Nice to have.
Upstream: Tcpdump and ethereal maintainers
%: 10
Owner: Antill, James
Org: Red Hat
54 Audit of auditd signals
Description: Collect loginuid and context info for senders of signals to
auditd. SIGUSER1, SIGHUP, and SIGTERM are only ones used.
Implementation: Al Viro implemented this item.
Status: Needs test and upstreaming.
Upstream: linux-audit
%: 95
Owner: Grubb, Steve
Org: Red Hat
55 Shell prompt security decorations
Description: Add new configuration options for the bash prompt so that
level or other security attributes can be seen on the prompt.
Not strictly required by LSPP. However, this helps the user
keep the terminals straight as to what level each one runs.
Implementation: TBD
Status: James Antill has taken this item. Needs analysis.
Upstream: GNU bash maintainer
%: 10
Owner: Antill, James
Org: Red Hat
56 LTP Tests (was Test)
Description: Write new LTP tests or incorporate existing unit and
functional tests.
Implementation: Ideally, respective task owners would contribute unit and
functional tests as complete LTP testcases. Share as much as
possible.
Status: Please write more LTP tests.
Upstream: LTP
%: 10
Owner: Wilson, Kris
Org: IBM
57 PF_KEY SPD query reliability
Description: The PF_KEY protocol does not return all the entries from SPD
queries when the number of entries is large.
Implementation: TCS is working on a solution wherein netlink is used to query
the SPD, and PF_KEY to perform all other SPD management
tasks.
Status: TCS would like help with this item. Red Hat bugzilla 181617
tracks this issue. TCS is working with netdev & ipsec-tools
communities to come to consensus on a design to remedy the
problem.
Upstream: netdev
%: 15
Owner: Hanson, Chad
Org: TCS
58 Audit data API
Description: An API is required to provide a way for audit consumers to
access audit records.
Implementation: Should be a simple API that is easily wrappered by python.
Status: Steve is implementing this.
Upstream: linux-audit
%: 60
Owner: Grubb, Steve
Org: Red Hat
59 Audit of child processes
Description: Need to audit child processes so that autrace can produce
output useful to polgen and other audit data consumers.
Implementation: Create audit records for child processes.
Status: Steve Grubb is implementing this feature.
Upstream: linux-audit
%: 5
Owner: Grubb, Steve
Org: Red Hat
60 Label translation daemon
Description: Need a daemon intermediary for label translation because
applying BLP rules to prevent reading the translation file
will make it unavailable to most users.
Implementation: A label translation daemon has already been written by TCS.
Status: Needs test. This has been incorporated as a replacement for
libsetrans.
Upstream: libsetrans patch
%: 95
Owner: Hanson, Chad
Org: TCS
61 Audit failure action inquiry
Description: Require a way for applications, such as CUPS, to determine
whether to continue running or die when audit is
unavailable.
Implementation: Configuration option in auditd.conf and inquiry function
in libaudit.
Status: Design looks good. Lisa will start coding something up.
Upstream: linux-audit
%: 25
Owner: Smith, Lisa
Org: HP
62 Audit of POSIX message queues
Description: Need audit coverage for the syscall i/f in addition to the fs
i/f.
Implementation: Add audit hooks to POSIX message queue syscalls.
Status: George will post initial patch soon.
Upstream: linux-audit
%: 65
Owner: Wilson, George
Org: IBM
63 Analyze/instrument new kernel features
Description: Need to check TIPC, OCFS, configfs, and mutexes for DAC & MAC
coverage.
Implementation: Depends on outcome of analysis.
Status: Needs analysis. This item needs an owner.
Upstream: selinux-list, others?
%: 0
Owner: Grubb, Steve
Org: Red Hat
64 Audit performance
Description: Functional enhancements to the audit subsystem have
resulted in an unacceptable performance degradation.
Performance must be significantly improved before the
changes are upstreamable.
Implementation: Perhaps suppress audit data collection if record will not be
emitted at syscall exit.
Status: Amy posted a patch based on Al Viro's writeup. Needs test.
Upstream: redhat-audit
%: 100
Owner: Grubb, Steve
Org: Red Hat
65 Audit netlink deadlock / ENOBUFS
Description: Audit deadlocks processing a large number of syscall rules;
also happens on -mm. Some change is now filling the buffer.
Implementation: Queue up the packets under the mutex; still need to determine
root cause.
Status: Now we need to fix the ENOBUFS problem. Al's patch to queue
skb's verified. Need to fix upstream.
Upstream: linux-audit, lkml
%: 100
Owner: Wilson, George
Org: IBM
66 Audit watch misc bugs
Description: First attempt to add a watch fails; subsequent adds succeed.
Also, watches seem to match by len.
Implementation: Incorporate missing patch.
Status: This is fixed. Patch was missing from test kernel.
Upstream: linux-audit, lkml
%: 100
Owner: Griffis, Amy
Org: HP
67 CIPSO
Description: Paul Moore is working on a CIPSO implementation for Linux.
Implementation: Learn from past issues and create something that is both
compatible with other implementations & acceptable
upstream.
Status: Paul has posted patches and gotten good feedback.
Upstream: lkml
%: 55
Owner: Moore, Paul
Org: HP
68 IPsec labeled packets: xfrm MLS support
Description: Need to handle MLS in the xfrm protocol.
Implementation: Augment the base IPsec labeling patch to make it aware of MLS
attributes. Also augment SELinux MLS policy.
Status: Venkat has a patch. Needs to be reviewed, commented on,
submitted to netdev, and upstreamed.
Upstream: netdev
%: 70
Owner: Yekkirala, Venkat
Org: TCS
69 IPsec labeled packets: Unix domain sockets
Description: Need to extend inet IPsec labeling to Unix domain sockets.
Implementation: Catherine wrote patches to apply IPsec labeling to Unix
domain sockets.
Status: Need to ensure the patches actually made it into the kernel.
Upstream: netdev
%: 90
Owner: Wilson, George
Org: IBM
63 rows in set