Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!dptg!lznv!ziegler
From: ziegler@lznv.ATT.COM (J.ZIEGLER)
Newsgroups: comp.unix.questions
Subject: Re: gov't certified "secure" Unix
Summary: Actually, it has to be the other way around...
Keywords: security
Message-ID: <1611@lznv.ATT.COM>
Date: 31 Jul 89 14:33:22 GMT
References: <310@pwa-b.UUCP> <1038@riddle.UUCP> <11099@ibmpcug.UUCP> <574@mmlai.UUCP>
Organization: AT&T ISL Lincroft NJ USA
Lines: 23

In article <574@mmlai.UUCP>, burzio@mmlai.UUCP (Anthony Burzio) writes:
> Security on a UNIX system should be utterly optional.  At first you
> should get a normal system without security from distribution.  Later,
> you could then run a program, say called "Big Brother", that would 
> modify things to add security...
> 

Actually, a secure computer system has to be secured at all times
during its life, including installation and maintenance as well as
normal operation.  To do this, it would probably be best to have the
secure system on the distribution medium, and have a normal
installation put the secure system in place.  Then a SEPARATE medium
would have an "un-Big Brother" utility on it, that would turn off
all the special security features.  This way a secure system can be
distributed and installed, with fewer opportunities for the system
to be compromised.  Those who don't want the extra security will
have a little extra work to do at installation, but at least that's
only a one-time problem.

I do agree that all security should be optional.

		Joe Ziegler
		att!lznv!ziegler