Want CNET to notify you of price drops and the latest stories?
X

Red Hat gains security certification

The company's newest version of Linux has been granted a significant security certification, bringing the company a step closer to competitors.

stephenshankland.jpg
stephenshankland.jpg
Stephen Shankland principal writer
Stephen Shankland has been a reporter at CNET since 1998 and writes about processors, digital photography, AI, quantum computing, computer science, materials science, supercomputers, drones, browsers, 3D printing, USB, and new computing technology in general. He has a soft spot in his heart for standards groups and I/O interfaces. His first big scoop was about radioactive cat poop.
Expertise processors, semiconductors, web browsers, quantum computing, supercomputers, AI, 3D printing, drones, computer science, physics, programming, materials science, USB, UWB, Android, digital photography, science Credentials
  • I've been covering the technology industry for 24 years and was a science writer for five years before that. I've got deep expertise in microprocessors, digital photography, computer hardware and software, internet standards, web technology, and other dee
Stephen Shankland
Red Hat's newest version of Linux has been granted a significant security certification, bringing the company a step closer to competitors.


Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.


Version 3 of Red Hat Enterprise Linux has been certified to meet Evaluation Assurance Level 2 (EAL2) of the Common Criteria certification, Red Hat said Thursday. The internationally recognized Common Criteria certification is a typical requirement for government customers.

However, Red Hat still lags behind its main rival, Novell, whose SuSE Linux has been certified to meet the more stringent EAL3. It also trails versions of Unix and Windows that have EAL4 certification.

Common Criteria certification is expensive. Oracle helped Red Hat achieve its certification, while IBM helped with SuSE Linux.

Red Hat also said it will add support for Security-Enhanced Linux, a project begun by the National Security Agency. SELinux uses "mandatory access controls" to reduce security threats by giving minimum privileges to computer users and processes.

The SELinux support will arrive in RHEL 4, due in early 2005, but also will be in a hobbyist version called Fedora Core 2, due May 17. However, merging SELinux has been difficult, and in the newest Fedora test version, released Tuesday, Red Hat disabled SELinux by default.