What kinds of things would you want in the GNU OS?

John F. Haugh II jfh at rpp386.Dallas.TX.US
Tue May 30 03:44:05 AEST 1989


In article <4315 at ficc.uu.net> peter at ficc.uu.net (Peter da Silva) writes:
>In article <106326 at sun.Eng.Sun.COM>, news at sun.Eng.Sun.COM (news) writes:
>> Security:	ACLs?
>
>Perhaps. This would solve the bits-in-st_flags problem.

It would also solve the problem of being compatible with UNIX ;-)

Any secured filesystem solution must address backwards compatibility.
Stealing bits from st_mode [ there is not a st_flags field in a struct
stat ] is only going to wreak havoc on a large body of software which
knows about st_mode bits.

>>               Get rid of root?
>
>Hmmm. Go to something like DEV:path as per VMS/AmigaDOS/MSDOS/...?
>Handy, particularly if you have assigns. But too many incompatibilities.

I think he meant getting rid of UID == 0 being a privileged user.
Again, this is an Orange Book requirement.  It also makes much sense.
Programs should have privilege, not users.  The ability to access
a program can then be limited to a collection of users or groups.

Or use /etc/group to allow some group of users to newgrp to an
administrative account.  The group ``dumpers'' might exist for
persons taking file system dumps.  All of the dumpable devices
would then have file group ``dumpers''.  Root wouldn't have to
be used for dumps any longer.

>>               Security monitors? Auditing?
>> 		Provably secure(A1)?
>
>Not possible, I think, with the resources GNU has.

GNU, as distributed directly from FSF, might exist in some
secure form.  As hacked on by some random collection of bodies
before reaching me will never be considered trustable.
-- 
John F. Haugh II                        +-Button of the Week Club:-------------
VoiceNet: (512) 832-8832   Data: -8835  | "AIX is a three letter word,
InterNet: jfh at rpp386.Cactus.Org         |  and it's BLUE."
UucpNet : <backbone>!bigtex!rpp386!jfh  +--------------------------------------
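
The ``dumpers'' arrangement described in the post (a group in /etc/group that owns the dumpable devices, so root is not needed for dumps), as an added example that is not part of the original post: a small audit that reads the group entry and flags device nodes that deviate from the scheme. The group id, member names, device paths and modes are constructed sample values, and treating group write access as a deviation is an assumption (taking a dump only needs read access).

```python
import stat

# Constructed sample data (not from the post): an /etc/group excerpt and the
# owner, group and mode of some device nodes as stat(2) would report them.
GROUP_FILE = """\
root:x:0:
operator:x:5:alice
dumpers:x:40:alice,bob
"""
DEVICES = [
    # path,           uid, gid, mode
    ("/dev/rdsk/0s0", 0, 40, 0o640),   # set up as the post describes
    ("/dev/rdsk/0s1", 0, 0, 0o600),    # still needs root to dump
    ("/dev/rdsk/0s2", 0, 40, 0o644),   # readable by every user
    ("/dev/rdsk/0s3", 0, 40, 0o660),   # dumpers could also write
]

def parse_group(text, name):
    """Return (gid, members) for group `name` from /etc/group-format text."""
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 4 and fields[0] == name:
            members = [m for m in fields[3].split(",") if m]
            return int(fields[2]), members
    raise KeyError(name)

def audit(devices, group_gid):
    """Map each device path to its deviations from the group-based scheme."""
    report = {}
    for path, _uid, gid, mode in devices:
        problems = []
        if gid != group_gid:
            problems.append("not group-owned by dumpers")
        elif not mode & stat.S_IRGRP:
            problems.append("group lacks read permission")
        # Assumption: taking a dump needs read access only.
        if gid == group_gid and mode & stat.S_IWGRP:
            problems.append("group can write the raw device")
        if mode & (stat.S_IROTH | stat.S_IWOTH):
            problems.append("accessible to all users")
        report[path] = problems
    return report

if __name__ == "__main__":
    gid, members = parse_group(GROUP_FILE, "dumpers")
    print("dumpers gid", gid, "members", members)
    for path, problems in audit(DEVICES, gid).items():
        print(path, "OK" if not problems else "; ".join(problems))
```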


