[clug] Any Public Service organisations using Linix desktop and
Open Office?
Alex Satrapa
grail at goldweb.com.au
Thu Jul 3 06:41:31 GMT 2008
On 02/07/2008, at 18:07 , Kim Holburn wrote:
> Wow, Windows is methodically designed, tested and reviewed?
>
> I seem to remember that to get to CC on a system you have to
> seriously tie the system down.
Specifically:
1) the machine must be configured to only allow booting the one
operating system. The guide recommends removing the floppy drive
(yes, that's how old the certification is)
2) the machine must not have access to the Internet. Windows
activation is done over the phone
3) the evaluated configuration involves locking the actual computer
in a secure enclosure so that other drives can not be attached
4) the required patches to get XP into the evaluated configuration
are to be applied from disk locally, since the machine does not have
access to the Internet
5) A whole bunch of fiddling is done under the hood to prevent new
devices being added automatically, which includes removal of the
tools used to automatically load USB device drivers, for example
6) More work is done (about 20 pages of instruction) to remove
unwanted services
7) File system is encrypted
It's worth noting that RHEL 5 has EAL4+ too.
Similar procedures are required for Mac OS X - Apple has
documentation on how to prepare a machine equivalent to the evaluated
sample.
Alex
More information about the linux
mailing list