xorg and EAL4+
alan.coopersmith at sun.com
Thu Apr 19 11:33:13 PDT 2007
James Courtier-Dutton wrote:
> Fortunately, Linux has EAL4+ security evaluation done for most security
> targets (configurations).
> The one major thing that is excluded each time is the X front end.
> I.e. Linux has EAL4+ for a server config, without X.
> Have any moves been made to modify X so that it could reach EAL4+
> Or, is the X protocol just so broken, that X could never reach this
> level of security.
It's not impossible, as the Trusted forms of Solaris have gotten EAL4
certification for X desktops.
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
More information about the xorg