Red Hat Enterprise Linux Version 5 Security Target for CAPP, RBAC and LSPP Compliance

Version: 1.12
Last Update: 2007-06-06

atsec is a trademark of atsec GmbH.

IBM, IBM logo, bladecenter, eServer, iSeries, OS/400, PowerPC, POWER3, POWER4, POWER4+, pSeries, System p, POWER5, POWER5+, System x, System z, S390, xSeries, zSeries, zArchitecture, and z/VM are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both.

Red Hat and the Red Hat logo are trademarks or registered trademarks of Red Hat, Inc. in the United States, other countries, or both.

Intel, Xeon, and Pentium are trademarks of Intel Corporation in the United States, other countries, or both.

Opteron and AMD Opteron are trademarks of Advanced Micro Devices, Inc. in the United States, other countries, or both.

Java and all Java-based products are trademarks of Sun Microsystems, Inc., in the United States, other countries, or both.

Linux is a registered trademark of Linus Torvalds.

UNIX is a registered trademark of The Open Group in the United States and other countries.

This document is provided AS IS with no express or implied warranties. Use the information in this document at your own risk.

This document may be reproduced or distributed in any form without prior permission provided the copyright notice is retained on all copies. Modified versions of this document may be freely distributed provided that they are clearly identified as such, and this copyright is included intact.

Copyright © 2004, 2005, 2006, 2007 by atsec Corporation, and IBM Corporation or its wholly owned subsidiaries.
Page 2 of 101 © IBM, atsec 2007 2007-07-18

Table of Contents

1 Introduction
  1.1 ST Identification
  1.2 ST Overview
  1.3 CC Conformance
  1.4 Strength of Function
  1.5 Structure
  1.6 Terminology
2 TOE Description
  2.1 Intended Method of Use
  2.2 Summary of Security Features
    2.2.1 Identification and Authentication
    2.2.2 Audit
    2.2.3 Discretionary Access Control
    2.2.4 Mandatory Access Control (LSPP mode only)
    2.2.5 Role-Based Access Control (LSPP mode only)
    2.2.6 Object Reuse
    2.2.7 Security Management
    2.2.8 Secure Communication
    2.2.9 TSF Protection
  2.3 Software
  2.4 Configurations
    2.4.1 File systems
    2.4.2 TOE Hardware
    2.4.3 TOE Environment
3 TOE Security Environment
  3.1 Introduction
  3.2 Threats
    3.2.1 Threats countered by the TOE
    3.2.2 Threats to be countered by measures within the TOE environment
  3.3 Organizational Security Policies
  3.4 Assumptions
    3.4.1 Physical Aspects
    3.4.2 Personnel Aspects
    3.4.3 Procedural Aspects (LSPP-mode only)
    3.4.4 Connectivity Aspects
4 Security Objectives
  4.1 Security Objectives for the TOE
  4.2 Security Objectives for the TOE Environment
5 Security Requirements
  5.1 TOE Security Functional Requirements
    5.1.1 Security Audit (FAU)
    5.1.2 Cryptographic Support (FCS)
    5.1.3 User Data Protection (FDP)
    5.1.4 Identification and Authentication (FIA)
    5.1.5 Security Management (FMT)
    5.1.6 Protection of the TOE Security Functions (FPT)
    5.1.7 TOE Access (FTA)
    5.1.8 Trusted path/channels (FTP)
    5.1.9 Strength of Function
  5.2 TOE Security Assurance Requirements
  5.3 Security Requirements for
