20 Questions # 5 update [PSARC/2009/179 FastTrack timeout 03/25/2009]

[Darren J Moffat]

Gary Winiger wrote:
>>>  5.  Projects need to be aware of the overall security of the system and how
>>>      their components affect it. Which parts of this project are critical to
>>>      the security of the system to avoid such unintended consequences such
>>>      as unauthorized system entry, unauthorized access to or modification of
>>>      data, elevation of privilege, denial of service, ...? Does this project
>>> -    require elevated privilege?
>>> +    require elevated privilege?  Does the project interact with or affect
>>> +    Solaris Trusted Extensions (TX)?
>>>      
>> The question that comes to my mind is - would I know if my project affects TX? 
>>   I've never run TX, and I imagine I'm not alone in that.  Same for labeled 
>> security.
> 
> 	You could talk with the TX team.  Just like you'd talk with any
> 	other team.  IIRC, part of the C-Team integration list is to
> 	run tests that include TX tests.  They are supposed to now be part
> 	of standard Product Integration Testing.

If a project has issues with or works differently in zones then there 
could be a TX impact.  Also if a project provides a GNOME desktop GUI 
that runs with privilege and/or changes system wide config then there 
could be a TX impact.

-- 
Darren J Moffat