Standards Update, IEEE 1003.6: Security
Steven M. Schultz
sms at WLV.IMSD.CONTEL.COM
Fri Jul 6 16:58:00 AEST 1990
From: sms at WLV.IMSD.CONTEL.COM (Steven M. Schultz)
In article <786 at longway.TIC.COM> From: pkr at sgi.com (Phil Ronzone)
>In article <780 at longway.TIC.COM> peter at ficc.ferranti.com (Peter da Silva) writes:
>>This may well be true. But for a large set of problems the existing UNIX
>>security approach is quite sufficient. If you don't have the actual hardware
>>secured it's overkill.
>
>I disagree - secure software, from the boot code on, is very effective.
i have to side with Peter on this. the keywords were "large set
of problems" and "quite sufficient" - that doesn't (at least to
me) obviate the need for more strict security when the need
arises, but for many situations just administering the systems
correctly is enough.
short of soldiers with M16s at a computer facility door i do not
believe that software is any substitute for physical security.
it's just one more password that has to be spread around (in
case the SSO or whoever goes on vacation, etc...)
>>Security and convenience are opposed goals, and sometimes a system
>>MUST be available.
agreed.
>I disagree again -- I think the recent Internet worm is an example of why.
now it's my turn to disagree. sheesh, why does the worm have to
be brought up every time security is discussed? it was a BUG that
was exploited, and i for one do not think that adding security
will do away with BUGs in software. on the contrary, as the
complexity of the system is increased by the added software the
number of bugs could actually increase, no?
and, if people can't administer systems "correctly" now - what's
going to happen when the amount of administration required increases
due to the files/databases/etc that "security" will add to the system??
Steven M. Schultz
sms at wlv.imsd.contel.com
Volume-Number: Volume 20, Number 104