Re: 2.2.0 wishlist

Tim Wright (timw@sequent.com)
Fri, 14 Jun 1996 11:02:39 PDT


In message <Pine.LNX.3.94.960614094342.551C-100000@vci.vistacom.fi>,=?ISO-8859-
1?Q?Johan_Myr=E9en?= writes:
> On Thu, 13 Jun 1996, Cerberus wrote:
>
> > I think you may have a tough time finding that. Supposedly, NTFS is a c1
> > (supposedly soon to be c2) secure file system, which means that no OS
> > except for NT is supposed to be able to read/write from it.
>
> Security by obscurity? The only way to achieve that goal is to encrypt the
> file system.

Indeed.
C2 means nothing of the sort.
C2 security implies Discretionary Access Control, and you have ACLs (can't
remember if they are required or whether the Unix user/group/other perms
are good enough).
B1 required Mandatory Access Control where every object has a MAC label.
Even B1 does not involve or require encryption.

None of the Orange Book requirements have anything to say if you can obtain
physical access to the media, since, at that point, "all bets are off" :-)

t

--
Tim Wright, Worldwide Technical Services,         |  Email: timw@sequent.com
Sequent Computer Systems Inc., 15450,             |
SW Koll Parkway, Beaverton, Oregon 97006          |  Phone: +1-503-578-3822
"Nobody ever said I was charming, they said "Rimmer, you're a git!"" RD VI