Question about Secure Unix

[Marcus J Ranum]

In article <399 at unisec.USI.COM>, dpw at unisec.USI.COM (Darryl P. Wagoner) writes:
> In article <1485 at brl-adm.ARPA> ron at BRL.ARPA (Ron Natalie) writes:
> >It's certified all right, but by the time they got done with it,
> >it doesn't look much like UNIX.

	Oh course it doesn't look 100% like UNIX. For example, the
entire setuid concept is thrown away. In order to be certifiable,
if I am correct, the networking was thrown away. A lot of the old
favorite UNIX ideas are big security loopholes and in order to be
certified they had to be gotten rid of. I am sure this subject is
good ground for lots of argument. I gather that the approach Gould
took was to place an emphasis on producing a secure UNIX at the
expense of making it necessarily different. From the ad (I assume the
same as yours) it sounds like it'd be tougher to crack. I really 
don't think anything is ever 100% secure, unless it's write-only
hardware technology :-)
	There was a posting a few months back from a fellow who did
hack up secure UNIX. From what he said, it was not a flaw in secure 
UNIX that allowed him to break in, but rather a goof on the part of 
the systems administrator. No UNIX system is secure without a suitably
paranoid sysadmin.

> I think that you got caught up in the wording of their ad's.  It is
> certifiable (maybe).  From what I have heard they have just finished the
> paper review of the design.  That Not quite the same thing.

	If I am correct, it is certified. Certainly that is more than
can be said for 4.2BSD 

> -- 
> Darryl Wagoner			
> UniSecure Systems, Inc.; 		dpw at unisec.usi.com

	UniSecure systems ?  What do they manufacture, unicycle locks ?

I, incidentally, work for a completely different section of Gould, and 
have no personal stake in this matter. 

Live Free
mjr