UNIX and security <was: Unix & X-Windows on 386SX>
Ray Shwake
shwake at raysnec.UUCP
Thu Dec 6 03:25:22 AEST 1990
tim at delluk.uucp (Tim Wright) writes:
>As has been pointed out, MOST people running unix do NOT want any higher
>level security than is already provided. It only gets in the way. I get the
>distinct feeling that if you want "high" levels of security, you shouldn't
>be running unix in the first place. Any comments ?
Sorry, Tim, can't agree. Despite all the references to UNIX' "inherent
lack of security", even plain-vanilla UNIX supports a higher security
potential than many OS alternatives, even those of "commercial quality".
How one exploits that potential, however, is another matter. Of course, one
must distinguish between security weaknesses inherent in the operating system
from those associated with add-ons (e.g. sendmail).
Yes, many people do NOT want a higher level of security than is
already provided, since security costs in both human and system resources
without obvious benefit - at least, not until you need it!
I do find it telling that the first C2 certified system (Gould) and
the first B1 certified system (System V/MLS) were UNIX systems.
More information about the Comp.unix.sysv386
mailing list