Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!cs.utexas.edu!longway!std-unix
From: peter@ficc.ferranti.com (peter da silva)
Newsgroups: comp.std.unix
Subject: Re: Standards Update, IEEE 1003.6: Security
Message-ID: <757@longway.TIC.COM>
Date: 29 Jun 90 19:40:47 GMT
References: <384@usenix.ORG>
Sender: std-unix@longway.TIC.COM
Reply-To: peter@ficc.ferranti.com (Peter da Silva)
Organization: Xenix Support, FICC
Lines: 25
Approved: jsq@longway.tic.com (Moderator, John S. Quarterman)

From:  peter@ficc.ferranti.com (peter da silva)

In article <384@usenix.ORG> From:  <jsh@usenix.org> (anonymous 1003.6 report)
> At the ISO level, there will be no separate security standard. ...
> This means every conforming
> system will include security mechanisms.

You mean, "will include DoD-style security mechanisms". The somewhat
simple-minded approach UNIX has had in the past has been remarkably
successful, considering.

> I like this.  Do you?

Only if it's possible to turn everything off and go back to /etc/passwd
and /etc/shadow, and a superuser. That way when something goes wrong you'll
be able to boot from tape or floppy, edit a couple of files, and recover
the system. 

Because something *will* go wrong.
-- 
Peter da Silva.   `-_-'
+1 713 274 5180.
<peter@ficc.ferranti.com>

Volume-Number: Volume 20, Number 72