20 Questions # 5 update [PSARC/2009/179 FastTrack timeout 03/25/2009]

Tue Mar 24 12:51:06 PDT 2009

> >> >     You could talk with the TX team.
> 
> As with all the 20Qs, there is significant value in having something
> more than an open ended question that teams can't fully comprehend.
> Some sort of context (checklist, description, URL, Best Practice,...)
> so that the teams can say "hey, that sounds like something our stuff
> might or should do" rather than "No, we don't do {TX, branded zones,
> zones}, ignore the question - uhm, what is {TX, branded zones,
> zones}?".

	We seemed to have gotten a discussion mostly around proposal 1.
	and TX specifically.  Based upon both the comments in the mail
	log and out of band comments, I'd like to bring proposal 2
	as my concrete proposal (an updated 20questions is in the case
	directory):

5.  Projects need to be aware of the overall security of the system and how
    their components affect it. Which parts of this project are critical to
    the security of the system to avoid such unintended consequences such
    as unauthorized system entry, unauthorized access to or modification of
|   data, elevation of privilege, denial of service, violation of labeled
|   security, ...? Does this project require elevated privilege?

    A number of specific policies and practices address various aspects of
    the security of the system. They are found in appendix 1. Which of
    these are applicable to this project, and how are they addressed?

Appendix 1. Security references

+   Labeled Security:

+   http://en.wikipedia.org/wiki/Multilevel_security

+   See also PSARC/2002/762 Layered Trusted Solaris

+   http://opensolaris.org/os/community/arc/caselog/2002/762

	Specifically to John's thoughtful comments, yes, projects
	can always ignore a question from ignorance and adding labeled
	security to the list of unintended consequences doesn't really
	change that.  The previous for of question 5 presupposed
	understanding of a number of other security concepts.  Case owners
	are ultimately responsible for helping/guiding projects
	understanding.

Gary..
P.S.	When the case log comes back on line, 2002/762 should be
	viewable.  I've redacted it.