It depends on the Common Criteria Evaluation Assurance Level (EAL)
whether the code of a product gets inspected and how intensely this is
done!
Roland
Bill Royds wrote:
>
> Concurrent code is more difficult than linear code, but to achieve Common Criteria
> Approval, the proxy firewall has to show the security of the TCP/IP stack and kernel
> as well. The OS can't be trusted unless it too has CC approval (as some do).
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Bernd Eckenfels
> Sent: Friday, December 01, 2000 14:02
> To: Bill Royds
> Cc: Nguyen_Trang; '[EMAIL PROTECTED]'
> Subject: Re: Dod & CheckPoint backdoor
>
> On Thu, Nov 30, 2000 at 09:37:10PM -0500, Bill Royds wrote:
>
> > Since FW-1 uses stateful packet inspection rather than application proxies
> > (mostly), it should be easier to examine.
>
> nope, it is quite complicated to verify kernel mode interrupt handlers with
> all kinds of concurrency problems and undefined protection from the os.
>
> It is much easier to verify a 10 line user mode program which uses normal
> socket operations. Take a look at the old FWTK papers on that topic. Of
> course this assumes you trust the OS.
>
> Greetings
> Bernd
> --
> (OO) -- [EMAIL PROTECTED] --
> ( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
> o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
> (O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]