home *** CD-ROM | disk | FTP | other *** search
- .\" Use -mm macros
- .ds Rh POSIX.6: POSIX Security Extensions
- .ds Au Ana Maria De Alvare\*' <anamaria@sgi.com>
- .ds Dt July 8-12, 1991
- .ds Lo Santa Clara, CA
- .ds Ed Stephen R. Walli <stephe@usenix.org>
- .ds Wd U\s-3SENIX\s0 Standards Watchdog Committee
- .if '\*(Su'' \{\
- .ds Su the \*(Dt meeting in \*(Lo:
- .\}
- .if n \{\
- .tm Subject: Standards Update, \*(Rh
- .tm From: \*(Ed
- .tm Reply-To: std-unix@uunet.uu.net
- .tm Organization: \*(Wd
- .tm
- .\}
- .AF "\*(Ed, Report Editor"
- .AU "\*(Wd"
- .MT 4
- .S 12
- .sp
- \*(Rh
- .if n \{\
- .nh
- .na
- .\}
- .sp
- .P
- \fB\*(Au\fP reports on \*(Su
- .P
- Hello \s-1USENIX\s0 members!
- .P
- This time my report will be very brief.
- It is
- brief
- because there were no big disagreements at the meeting,
- and because
- the whole week was spent in cleaning up the document for formal
- ballot.
- .P
- This was the last meeting working in functional subgroups,
- addressing discretionary and mandatory access controls
- (\s-1DAC\s0 and \s-1MAC\s0),
- audit,
- and privileges.
- At the next meeting the group will be divided into
- people helping with the balloting process,
- doing test assertions,
- and
- identifying areas that \s-1POSIX.6\s0 has not covered.
- The ballot document should come out sometime after the September mailing
- (September 10,
- 1991).
- .P
- \s-1POSIX.6\s0 spent the whole week addressing all the mock ballot comments
- and objections.
- A small group of three people,
- including myself,
- began working
- on the first draft of the \s-1POSIX.6\s0 test methods.
- The test methods
- draft will be brought to the next meeting
- and
- people from the disbanded subgroups
- will begin creating test methods for
- the functions defined in \s-1POSIX.6\s0 document.
- It will be a long week!
- .P
- So what areas aren't covered in the current \s-1POSIX.6\s0 draft?
- The three major areas that I know are not covered are:
- .DL
- .LI
- authentication,
- .LI
- security system administration, and
- .LI
- network
- security.
- .LE
- .P
- There are items in the subgroups which are also not addressed.
- A portable audit format has not been fully defined,
- and so
- is not going out for ballot.
- With mandatory access controls,
- we decided at this meeting
- to not enforce privileges on an implementation of multi-level
- directories.
- Except for some clean-up in Draft 11,
- discretionary access controls remain the same.
- .P
- The data type issue
- still remains
- across the \s-1DAC\s0,
- \s-1MAC\s0,
- audit,
- and privileges subgroups.
- To interoperate between systems,
- opaque objects need to be stored and retrieved without concern
- for the implementation defined formats.
- An opaque object model also provides consistency across the interfaces.
- \s-1POSIX.6\s0 subgroups have defined a number of security related objects.
- We cannot agree on a way to represent these,
- but have determined four possibilities:
- .DL
- .LI
- A Type 1 object is opaque,
- and is only valid for use by the process which
- gets the data,
- and only for the lifetime of the process.
- .LI
- A Type 2 object is still opaque,
- but it must be self-contained
- and
- persistent.
- .LI
- A Type 3 object is a text string with an undetermined format.
- \s-1MAC\s0 labels
- are represented as Type 3 data types.
- .LI
- A Type 4 object is a text string with a defined format.
- Access Control Lists (\s-1ACL\s0s) have a
- Type 4 representation.
- .LE
- .P
- One compromise was that the subgroups would define conversion routines
- for Type 2 and 3 data,
- which would return an opaque object and the length in bytes of the
- object.
- .P
- We were still unable to agree upon a uniform type representation across
- the four subgroups in the July meeting.
- This issue will likely be a hot one in the balloted document.
- We will have to
- wait
- and
- see what the ballot brings to resolve this.
- .P
- Well,
- that's all folks!
- Keep an eye out
- for the \s-1POSIX.6\s0 ballot.
-
