20 Questions # 5 update [PSARC/2009/179 FastTrack timeout 03/25/2009]
Gary Winiger
gww at sac.sfbay.sun.com
Wed Mar 25 12:54:21 PDT 2009
> 5. Projects need to be aware of the overall security of the system and how
> their components affect it. Which parts of this project are critical to
> the security of the system to avoid such unintended consequences such
> as unauthorized system entry, unauthorized access to or modification of
> | data, elevation of privilege, denial of service, violation of labeled
> | security, ...? Does this project require elevated privilege?
>
> A number of specific policies and practices address various aspects of
> the security of the system. They are found in appendix 1. Which of
> these are applicable to this project, and how are they addressed?
>
> Appendix 1. Security references
>
> + Labeled Security:
>
> + http://en.wikipedia.org/wiki/Multilevel_security
>
> + See also PSARC/2002/762 Layered Trusted Solaris
>
> + http://opensolaris.org/os/community/arc/caselog/2002/762
This update to the 10(20) questions was approved at today's
PSARC meeting with +1s from two committee members.
Gary..
More information about the opensolaris-arc
mailing list