“Secure Computing Corporation, makers of security software
packages for business and government organizations, has won a
contract with the National Security Agency to develop a “robust,
secure version of Linux” for use in the agency’s intelligence and
information systems.”
“But while many in the Linux community are celebrating another
Linux conversion, others point to the GNU General Public License
under which Linux may be further developed, and wonder if the
fruits of the SCC’s labor will be offered freely back to the
community that made such fruits possible….”
“The concerns over what Secure Computing will do with Linux
have to do in part with the “Type Enforcement Technology” the
company plans to deploy. Having successfully used this
security technology in support of its UNIX firewall, Sidewinder,
Secure Computing says its modifications will include a flexible
policy engine that, while its functionality has not yet been fully
determined, will nonetheless “support a broad range of basic
applications”. Secure Computing says it will open source both their
policy enforcement code modifications to the kernel, as well as
this “general purpose” policy engine, while keeping the policy
engines for its own products (i.e., Sidewinder, which is the main
firewall used by the Department of Defense) proprietary. The term
“policy engine” refers to the part of the software that monitors
adherence to an organization’s rules and procedures governing
acceptable use of resources and security practices.”