On Friday, 03/23/2007 at 01:51 AST, "Schneck.Glenn" <[EMAIL PROTECTED]> wrote: > Wonder where z/Linux, z/VM and z/OS ranked.............
:-) z/VM, z/OS, and Linux all have or are working on Common Criteria EAL4 certifications. One could compare the security targets (description of the functionality, etc.) to see what we each include in our evaluated configurations. That was the point on the Common Criteria: An internationally recognized functional and assurance standard for security capabilities. The number of security patches issued in the last 6 months isn't particularly indicative of anything. It could mean: - The vendor isn't fixing known problems - Sunspots - All known problem have been fixed - There are no more problems - The known problems are Really Really Hard to fix - New problems are piling up behind the old ones - The vendor isn't publishing known problems - A discontinuity in the space-time continuum - The people who fix them are on vacation or sabbatical - The fixes keep falling behind the printer where no one can find them <yawn> Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
