Fed-Talk Mac "BSM Auditing" Users,
On April 23, I happily announced the final availability of *Auditing Tools* for Mac OS X 10.5 (PPC/Intel). Quickly upon the heels of that announcement, several of you indicated event logging failures on your systems. Here is a brief update on that situation.
Problem Status: *Active*
Platform Affected: Mac OS X 10.5.x
Services Affected: BSM - Auditing
ETA for a Fix: Unknown at this time
Work-a-round: No current work-a-round at this point
Delivery Vehicle: Will require a Mac OS X 10.5.x Software Update
A bit more detail for those interested:
We realize in the end, it doesn't matter much to you the end user, but the problem does not lie within the Auditing Tools. The regression was within Mac OS X 10.5.x itself relating to changes made within and between the Launch Services and Login Window Architectures. This effectively broke the ability of the BSM Auditing subsystem from actively and correctly generating the expected audit records many have come to know and love.
As noted above, this will require an update to Mac OS X 10.5 itself and will not require any changes to the auditing subsystem or related tools installer.
/* Personal Request */
It is very unfortunate that the original *Auditing Tools* were named *Common Criteria Tools*. It was both unfortunate and incorrect -- and continues to be technically incorrect. This began at Apple and is currently still reflected on public facing web pages @ Apple.com. Until I can get that remedied, I would like to ask a personal favor of all of us intimately involved and familiar with the technology and process.
Can we all refer to them as "BSM Auditing and Auditing Tools" moving forward ? :-)
Those that do so will add a few years back to the end of my life. :-) Thanks in advance!
- Shawn
_____________________________________________________
Shawn Geddis - Security Consulting Engineer - Apple Enterprise
On Apr 23, 2008, at 5:13 PM, Shawn A. Geddis wrote:
Fed-Talk Subscribers,
I am very happy to *finally* be able to announce to you that the Auditing Tools for 10.5 (PPC/Intel) are publicly available.
| Common Criteria Tools for 10.5 |
About Common Criteria Tools for 10.5
An internationally approved set of security standards which provides a clear and reliable evaluation of the security capabilities of Information Technology products. By providing an independent assessment of a products ability to meet security standards, Common Criteria gives customers more confidence in the security of Information Technology products and leads to more informed decisions.
Security-conscious customers, such as the U.S. Federal Government, are requiring Common Criteria certification as a determining factor in purchasing decisions. Since the requirements for certification are clearly established, vendors can target very specific security needs while providing broad product offerings.
The international scope of Common Criteria, currently adopted by fourteen nations, allows users from other countries to purchase Information Technology products with the same level of confidence, since certification is recognized across all complying nations.
SHA 1 digest =da6901baa2dd5a759335c08c91417477633e2da4
For detailed information on SHA 1 Digest, please visit this website:http://www.info.apple.com/kbnum/n75510
Additional Resources
Common Criteria Support
White Paper
Admin Guide
|
Download Details
| Version: | |
| Post Date: | April 23, 2008 |
| License: | Update |
| File Size: | 103KB |