More comments about UNIX Security.

[FIGMO%usc-eclc at sri-unix.UUCP]

From:  Lynn Gold <FIGMO at usc-eclc>

Return-path: <@MIT-MC:unix-wizards-request at BRL-VGR>
Received: from MIT-MC by USC-ECLC; Mon 20 Jun 83 18:44:18-PDT
Received: From Brl.ARPA by BRL-VGR via smtp;  20 Jun 83 21:33 EDT
Received: From Aids-Unix.ARPA by BRL via smtp;  20 Jun 83 21:27 EDT
Date: 20 Jun 1983 18:22-PDT
From: Howard Alt <alt at aids-unix>
Subject: Re: More comments about UNIX Security.
To: SJOBRG.ANDY at mit-oz, mit-mc at aids-unix
MMDF-Warning:  Parse error in preceeding line at BRL.ARPA
Cc: unix-wizards at brl
Message-Id: <83/06/20 1822.366 at aids-unix>
In-Reply-To: SJOBRG.ANDY%MIT-OZ's message of Mon, 20 Jun 1983  1954 EDT

Unforutnatly, the systems that are incredibly insecure must be excluded
from the mailing list.  Like (sorry), the ITS machines.  I'm sure that
there are others... Probably a good policy is only Unix machines.
(boy am I going to hear about this one...)
	Howard.

*************
You're right (not your idea, but that you're going to hear about this
one).  What makes you think that Unix is any more secure than any other
operating system?  Yeah, the ITS machines are insecure, but 1) There
are those of us who have our "ARPAnet junk mail" sent to an ITS site,
from which it is forwarded to a more secure site.  I do this because
when my system is off the air for one reason or another (our ECU died
Friday and won't be fixed till at least Thursday), I can manually re-
route the forwarding to another mailbox where I can answer it without
it bouncing back like crazy.

As for secure/insecure sites, TOPS-20 and Tenex sites are about as
secure as Unix sites.  Much of how secure a site is has to do with
how it's run.  If you have a site on which everybody's mother, brother
and sister and pet rock has every available priviledge known to mankind,
your site is likely to be less secure than one with a limited number
of privileged users.

--Lynn
-------