Semi-secure UNIX variant

John B. Nagle jbn at wdl1.UUCP
Thu Jan 3 10:30:48 AEST 1985


     Substantial progress has been made toward a more secure version of UNIX.
See ``LINUS-IV --  an experiment in computer security'' in Proc. 1984
Symposium on Security and Privacy, IEEE Computer Society.

     A few quotes from the paper:

	"LINUS IV in the prototype stage is based on the 4.1 Berkeley
	System Distribution which runs on the VAX-11 series of computers."

	"The system creates a random but pronouncable password for the user."

	"The duties formerly held by the single superuser of UNIX are
	separated in LINUS IV into three separate special users.  The
	special users are system personnel that have distinct services
	to perform on behalf of the system and are:

		1.  the Security Officer

		2.  the Operator, and
	
		3.  the Administrator.

	These special LINUS IV users can still subvert the system but not
	without a good chance of recognition by the remaining special users."

	"When certain files contain too many privileges for the common user,
	the integrity of the system may suffer...  LINUS IV has a utility
	called INTEGRITY that compares the owner, group, and permissions
	for each file against an entry for that file in a central database.
	The INTEGRITY utility is invoked during system startup and periodically
	during system operation."

	"LINUS IV is intended to become evident to only two classes of 
	users; the system personnel and the system ``abusers''.  LINUS IV
	will attempt to alert the former, whenever possible, to the presence
	of the latter."


The author was Steven Kramer, who is now with AXIOM Technology.  I do not
have an address for him or AXIOM, which is not associated with this work.



More information about the Comp.unix.wizards mailing list