SCO doesn't sell UNIX

[Brian Beattie]

In article <18804 at rpp386.cactus.org> jfh at rpp386.cactus.org (John F Haugh II) writes:
-In article <DRMORRIS.90Dec10185729 at copilot.mit.edu> drmorris at athena.mit.edu (David R Morrison) writes:
->I wrestled with SCO last summer, and what amused me most was that they
->went to an extreme to make the machine (kernel/os) secure, and practicly
->ignored making a distributed system secure.

I read this as "making a delivered system secure".

-
-Technically speaking, there is no such thing as a secure distributed

Bzzzzzzzt I'm sorry but that is not correct. :-)

-system.  The Orange Book does not address network O/S's and once you
-connect your machine to another, all bets were off.

It is The Red Book disscusses this issue.

Although John is correct with respect to the Orange Book, in that if
you have an ethernet or a modem or a pad or the like your system is
outside the scope of the Orange Book.  That is not to say that it is
insecure, just that it does not meet the requirements of a TCB (Trusted
Computing Base) as described in the Orange Book.

-
->This is a C2 secure system?
-
-No.  It's a bunch of stuff someone decided to market as a C2 system.

And a pretty poor example of what can be done at that.

--- 
-John F. Haugh II                             UUCP: ...!cs.utexas.edu!rpp386!jfh
-Ma Bell: (512) 832-8832                           Domain: jfh at rpp386.cactus.org


-- 
It is easier to build a   | Brian Beattie          (703)471-7552
secure system than it is  | 11525 Hickory Cluster, Reston, VA. 22090 
to build a correct system.|
           M. Gasser      | ...uunet!visenix!beattie