FDP_IFC_EXT.1.1: The OS shall have a mechanism to prohibit an information channel between two unprivileged processes without the assistance of the kernel or other processes.
Basically, I'm trying to say: pick two processes, any processes. Can they be configured such that one process cannot read any object that the 2nd process can write to? The CDS team thought this would be helpful. Also, MRAT is requesting a similar thing from MDF PP.
Should we include one?