Standards Update, IEEE 1003.6: Security

peter da silva peter at ficc.ferranti.com
Sat Jul 7 00:38:32 AEST 1990


From:  peter at ficc.ferranti.com (peter da silva)

In article <786 at longway.TIC.COM> pkr at sgi.com (Phil Ronzone) writes:
> In article <780 at longway.TIC.COM> peter at ficc.ferranti.com (Peter da Silva) writes:
> >This may well be true. But for a large set of problems the existing UNIX
> >security approach is quite sufficient. If you don't have the actual hardware
> >secured it's overkill.

> I disagree - secure software, from the boot code on, is very effective.

I'm sure it is. An SR71 is very effective, too, but I find a 747 a whole
lot more convenient for a trip to Hawaii.

> >Security and convenience are opposed goals, and sometimes a system
> >MUST be available.

> I disagree again -- I think the recent Internet worm is an example of why.

What do you disagree with? That security and convenience are opposed goals,
or that sometimes a system MUST be available? And why?

(What the internet worm has to do with anything is another question. There
 have been similar incidents on systems with tighter security requirements,
 such as the DECNET WANK incident or the CHRISTMAS TREE virus. For that matter
 I have laid out the preliminary design for a virus that can propagate via
 Usenet source archives. And from what I know of the internet worm it would
 have spread pretty near as fast if sendmail didn't run under root permissions.
 Start with a non sequitur and I guess you can prove anything.)
-- 
Peter da Silva.   `-_-'
+1 713 274 5180.
<peter at ficc.ferranti.com>


Volume-Number: Volume 20, Number 108


