Subject: Re: new lkm stuff ?
To: Justin T. Gibbs <gibbs@freefall.freebsd.org>
From: John F. Woods <jfw@jfwhome.funhouse.com>
List: current-users
Date: 08/26/1996 12:23:07
> >system bothers me, and strikes me as a hell of a security hole if an
> >intruder gains the ability to write to the root filesystem. Let's not go
> >that route, please.
> It would be interesting to know how NT can allow you to do this yet
> maintain C2 certification. Hmmm.
NT comes with a little utility that helps you configure your system for
C2 compliance. The two most relevant things it discusses are (1) you
have to turn off networking to match the NCSC C2 evaluated configuration
(hence, no intruders, assuming you start from a clean install), and (2)
you have to use the NTFS file system, which includes Discretionary Access
Controls, which (presumably) limit the amount of damage an intruder could
do.
The quick summary of the C2 Configuration Manager's advice is: shut off
anything that makes your computer usable and reboot.