How secure is UNIX?

Greg A. Woods woods at robohack.UUCP
Tue Jun 12 12:45:41 AEST 1990 

In article <1990Jun10.183417.6226 at agate.berkeley.edu> dankg at tornado.Berkeley.EDU (Dan KoGai) writes:
> In article <1990Jun8.175747.18776 at athena.mit.edu> jik at athena.mit.edu (Jonathan I. Kamens) writes:
> 
> >  I am becoming more and more convinced that you're flaming without much
> >justification about something about which you know little, and frankly,
> >it's getting a little irritating.
> 
>[....]  Are you still saying I am just flaming?
> if you stop me or people like me from what you call flaming, Give us secure
> system for first place so I don't have to post something like this anymore,
> period!

Whoa!  Jonathan is absolutely right!  You aren't just flaming though,
you're whining, and beginning to annoy at least me....  If you were to
have a system secure enough not to have to worry again, you'd never be
posting from it, nor reading and/or sending mail on it.  The only
truly secure system is a physically isolated system, with properly
administered physical security policies.  I would even go so far as to
suggest that you would not be running news on an even moderately
secure UNIX system.  Mail is a bit safer.  Networking (eg. with things
such as NFS, or even SMTP) is much more more dangerous.

> 	I think my password was well-chosen:  It is hardly English or
> any other language, with Uppercase and Numbers.  My previous one was very
> random also.  Yet my 10-line (now 20 and can handle even more complex cases)
> successfully found it:  I didn't use /usr/dict/words or any sort at all.

OK, I'll believe you.  However, you did mention that it took quite a
bit of horsepower to crack.  Mind telling us just how much?  Was your
algorithm tainted towards the pattern employed in your password?  Was
your programme actually used by an outside party to crack your own
password?

Meanwhile, do you have proof your password was compromised?  If not,
have you considered again that it may have been a security violation
through the network, or perhaps in a poorly designed application which
allowed the compromise.  It may even have been an "inside" job by some
other "authorized" user of your system.

Again, I must also resurrect the question of why your files weren't on
backup media, ready to be restored in event of disaster.  (I apologize
if they were, but in that case, what are you crying about?)

> >  Actually, I consider fast log-in time to be one of the most important
> >features in any given system.
>
> 	Provided it's secure enough.  UNIX is not.  I'm not very exceptionally
> rare victims.  I know a lot of even severe cases broken harder, which are
> protected with UNIX experts.  How many victims do we need to convince you
> guys that today's UNIX needs major upgrade of secirity? [....]

And how many times do we have to tell you that the responsibility for
UNIX security lies with the administrator.  UNIX, in and of itself,
can be made quite secure.  I believe the official rating of a
carefully maintained and only slightly modified system can reach C2
(per "the Orange Book").  Certainly the "objects" deemed important by
a commercial user can indeed be monitored easily enough to maintain a
C2 rating.

Personally I do not see a great philosophical gain in the efforts by
such vendors as AT&T to create an even more secure UNIX system (i.e.
B2).  [Yes, "today's UNIX" is, and has been for quite some time,
getting a major security upgrade.]  I don't feel the implementation of
B2-secure UNIX systems maintains either the spirit of UNIX, or even
the spirit of POSIX.  Such things are only done to attract those who
are already entrapped by the red tape of the existing security
establishment.  The great majority of both industry and government
applications do not require such measures, and would not require them
even if the threat of crackers was much greater than it really is.
Proper administration of these systems, which is even more critical
with the added security features of these systems, will provide
adequate security in most cases.

No system can be considered secure unless there is a security policy
that is enforced outside of the system itself.  The system can be no
more secure than the environment in which it operates.  The proper
administration of a sufficient security policy to maintain a B2 level
system is far beyond the capabilities of most "users" of UNIX.
-- 
						Greg A. Woods

woods@{robohack,gate,eci386,tmsoft,ontmoh}.UUCP
+1 416 443-1734 [h]   +1 416 595-5425 [w]   VE3-TCP   Toronto, Ontario; CANADA

More information about the Comp.unix.questions mailing list