Unix security additions
Greg A. Woods
woods at eci386.uucp
Fri Mar 15 09:09:44 AEST 1991
In article <39950 at cup.portal.com> PLS at cup.portal.com (Paul L Schauble) writes:
> When unix was first developed, the system gave only minimal attention to
> security issues. Lately, this has been a hot topic and a lot of work has
> been done to improve Unix security.
Excuse me, but IMHO, when UNIX was first developed, *more* attention
was put into careful consideration of security issues than with almost
any other system of its time (except maybe for MULTICS). A
significant patent was even granted to one of the inventors for a
very innovative systems security technique.
> I'm curious: What do you think are the five most significant changes or
> additions that have been made to Unix to improve its security?
The most significant "things" that have affected UNIX security in the
past few years are the perpetuation of myths about how insecure some
people perceive UNIX to be. In addition, partially because of a large
amount of ignorance, UNIX security has been mangled by well meaning
vendors who were pushed by clients who believed the myths.
The only other significant thing I can think of is "the network".
Many network tools have introduced significant security problems to
UNIX where none existed in isolated systems. Eg. sendmail, finger, & nfs.
Of course the things most people might have been thinking of are the
various implementations of "Orange Book" security features for UNIX.
--
Greg A. Woods
woods@{eci386,gate,robohack,ontmoh,tmsoft}.UUCP ECI and UniForum Canada
+1-416-443-1734 [h] +1-416-595-5425 [w] VE3TCP Toronto, Ontario CANADA
Political speech and writing are largely the defense of the indefensible-ORWELL
More information about the Comp.unix.admin
mailing list