LC Bruzenak wrote:
On Wed, 2009-01-28 at 15:37 -0800, Casey Schaufler wrote:
> LC Bruzenak wrote:
>
>>> ...
>>>
>
>
> That would be a most peculiar requirement. Are "they" requiring
> that you audit the data sent with cross-level send(), read()
> and write() as well?
>
>
Casey,
This is similar to the HP CMW trusted copy/paste capability (not
necessarily cut). I assume Trusted Irix had something similar?
Actually, the Trix B1 evaluation had a single level window system
and the CC evaluated system was server only.
The notion of auditing the data passed in addition to the subject
and object information has got to be a CMW thing. In principle
moving data from a Secret window to a TS window is no different
from moving it from a Secret file to a TS file, and you would
never audit that data.