Filltable utility
1. Introduction

1.1 Identification
1.2 Security Target Overview

The filltable utility is a Python script that allows relatively untrusted (junior) GNU/Linux system administrators (for example, the system administrator of a chrooted sandbox) to modify specific parts of the Linux netfilter configuration with the help of the senior system administrator. The senior system administrator can designate specific packet classes (based on source/destination addresses, ports, etc.) to be managed by the junior system administrator. These packet filter classes are directed to one or more netfilter chains. The junior system administrator can describe the configuration in a text file, which serves as the input of the filltable utility. The senior system administrator can then run the filltable utility on these files, obtaining an iptables dump with which she can modify the configuration.

The filltable script is strict about the syntax of its input file, which makes compromising its own execution domain impossible. The script is accompanied by a test suite and documentation. The filltable script is a Trusted Procedure in the sense of the Clark-Wilson access control model.

This Security Target, and hence the TOE, does not claim conformance to any Protection Profile. The assurance level of the Security Target, and hence of the TOE, is EAL3 augmented. The TOE is designed to be added to the Trusted Computing Base of an LSPP-conformant Operating System product in such a way that the Operating System product continues to be LSPP conformant.

You can find the known issues with the Security Target and the TOE (TODO) at the end of this Security Target. In the evaluated version this section is empty.

1.3 Common Criteria Conformance

The filltable script aims to be Part 2 conformant and Part 3 conformant.
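The strict-input approach described in section 1.2, sketched as an added example that is not filltable's own code. The one-rule-per-line grammar, the names `parse_rule` and `build_dump`, and the chain name `JUNIOR_SANDBOX` are assumptions made for illustration; filltable's real input syntax is not shown on this page.

```python
import ipaddress
import re

# Hypothetical grammar (an assumption, not filltable's real syntax), one rule per line:
#   <accept|drop> <tcp|udp> <source IPv4 network> <destination port>
RULE_RE = re.compile(r"(accept|drop) (tcp|udp) ([0-9./]{7,18}) ([0-9]{1,5})")
CHAIN_RE = re.compile(r"[A-Za-z0-9_]{1,28}")

# Constructed sample input, as a junior administrator might submit it.
SAMPLE = "accept tcp 192.0.2.0/24 22\ndrop udp 198.51.100.7 53\n"


class RuleSyntaxError(ValueError):
    """Raised for any line that does not match the grammar exactly."""


def parse_rule(line, lineno):
    # fullmatch: the whole line must be the rule, so nothing can be appended to it.
    m = RULE_RE.fullmatch(line)
    if m is None:
        raise RuleSyntaxError(f"line {lineno}: not a valid rule")
    action, proto, src, port = m.groups()
    try:
        net = ipaddress.IPv4Network(src, strict=True)  # rejects host bits, bad octets
    except ValueError as exc:
        raise RuleSyntaxError(f"line {lineno}: bad source network") from exc
    if not 1 <= int(port) <= 65535:
        raise RuleSyntaxError(f"line {lineno}: bad port")
    return action.upper(), proto, str(net), int(port)


def build_dump(text, chain):
    """Return an iptables-restore style fragment whose rules all go to `chain`."""
    if CHAIN_RE.fullmatch(chain) is None:  # chain is chosen by the senior admin
        raise ValueError("bad chain name")
    # Split on "\n" only; any other control character stays in the line and fails.
    lines = [(n, l) for n, l in enumerate(text.split("\n"), 1) if l]
    rules = [parse_rule(l, n) for n, l in lines]  # all-or-nothing: one bad line aborts
    out = ["*filter", f":{chain} - [0:0]"]
    for action, proto, net, port in rules:
        out.append(f"-A {chain} -p {proto} -s {net} --dport {port} -j {action}")
    return "\n".join(out + ["COMMIT"]) + "\n"


if __name__ == "__main__":
    print(build_dump(SAMPLE, "JUNIOR_SANDBOX"), end="")
```

Because every field is re-emitted from parsed values rather than copied from the input, the junior administrator's text never reaches the dump verbatim, and every generated rule lands in the delegated chain.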