The Official Unofficial Zorp project
 
Overview| Examples| Bugs| FAQ | White papers | Download | Help wanted | SourceForge Project page | Filltable utility  
 
 
SourceForge.net: SF.net Project News: Zorp unofficial
  • zorp 2.0.9-6 has been released
  • iptables-utils zorp-unoff version has been released
  • New whitepaper, even more FAQs
  • Zorp whitepapers released, new FAQs
  • New tproxy versions
  • New Zorp version: get the DN
  • The best bughunter
  • Bughunting contest extended
  • Valentine day bughunting contest!
  • Site updates: FAQ, design
    		•
    SourceForge.net: Project File Releases: Zorp unofficial
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:49:58 GMT)
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:40:56 GMT)
  • iptables-utils 1.21-1 released (Mon, 01 Nov 2004 21:19:42 GMT)
  • zorp 2.0.9-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorplibll 2.0.26.24-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorp zorp_2.0.8-1 released (Thu, 11 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-2 released (Wed, 03 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-1 released (Tue, 11 Nov 2003 00:00:00 GMT)
  • zorplibll zorplibll_2.0.26.23-1 released (Mon, 10 Nov 2003 00:00:00 GMT)
    		•
    		Next Previous Contents

    3. Security Environment

    3.1 Assumptions

    • A.SENIOR The senior system administrator is not careless, wilfully negligent or hostile, and will follow and abide by the instructions provided by the administrator documentation.
    • A.JUNIOR The junior system administrator is not assumed to be careful or cooperative.
    • A.OS The underlaying operating system is LSPP conformant, working as expected, the TOE can read its configuration file, and write its standard output. The underlying operating system is able to provide the needed level of separation of domains, and the integrity of the TOE itself and the mechanisms it depends on. The senior system administrator is allowed to overview the audit trails generated on standard error of the TOE.
    • A.PYTHON The python interpreter and the syslog, sys, os, traceback and re python libraries work as expected.

    3.2 Policies

    This Security Target does not identify security policies: the security environment is expressed in terms of assumptions and threats

    3.3 Threats

    • T.EVIL_JUNIOR A misbehaving junior system administrator - or an attacker masqueraded as her - compromises the integrity of the execution domain of the TOE, or the security functions of the operating system through giving malicious input to the TOE.
    • T.BAD_CALLING The TOE compromises the integrity of the security functions of the underlying operating system, or configures the packet filter configuration in ways beyond the designated scope because its calling parameters are insecure.
    • T.OS_COMPROMIZE The TOE does not work as expected because the underlying operating system is compromised.
    • T.PYTHON_PROBLEM The TOE does not work as expected because the python interpreter or libraries of it not work as expected.
    • T.UNDERLYING_COMPROMISE The underlying operating system, the python runtime or libraries ( especially the regular expression library used by the python interpreter) are compromised with malicious data which is otherwise within the syntax of the input.
    • T.AUDIT_FAIL The audit subsystem either fails to audit some activities or problems related to the TOE, or compromised because malicious input data gets to the audit trail and creates problems down in the audit chain.
    • T.BAD_RULE_INSERTED A packet filter rule which have effect to packets beyond the scope assigned to the junior system administrator is inserted to the netfilter configuration.
    • T.NO_LSPP The TOE is added to the Trusted Computing Base of the underlying Operating Sytem in a way that makes it nonconformant to the LSPP.

    Next Previous Contents