Hi all,

When writing security policies, it is important to first have a vision on
how the security policies should be made. Of course, the final vision should be
with a system's security administrator, but a distribution should give a
first start for this.

For the time being, Gentoo Hardened's policies are based upon the reference
policy's implementation, but I can imagine that this will evolve further.
The moment, however, we start adding policies ourselves (outside simple
patching of the reference policy's implementation) we need to have some
rules on what or how our rules should be made.

One first principle that we might need to discuss is what we want to
allow in our policy. Do we want to allow all normal behavior (i.e. you use
an application or server the way it is meant to and we make sure no denials
are generated for this) but shield off abnormal behavior as much as possible
(by rightly aligning domains and types)? Or do we want to allow just enough
so that the applications function properly during regular operations,
causing various denials to be in place still?

And if we would opt for the latter, do we want to dontaudit those denials to
keep the logging clean, or do we then expect the administrator to manage his
own dontaudits?

Wkr,
Sven Vermeulen