Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!longway!std-unix From: peter@ficc.ferranti.com (peter da silva) Newsgroups: comp.std.unix Subject: Re: Standards Update, IEEE 1003.6: Security Message-ID: <780@longway.TIC.COM> Date: 3 Jul 90 18:16:09 GMT References: <384@usenix.ORG> <757@longway.TIC.COM> <769@longway.TIC.COM> Sender: std-unix@longway.TIC.COM Reply-To: peter@ficc.ferranti.com (Peter da Silva) Organization: Xenix Support, FICC Lines: 39 Approved: jsq@longway.tic.com (Moderator, John S. Quarterman) From: peter@ficc.ferranti.com (peter da silva) In article <769@longway.TIC.COM> From: pkr@sgi.com (Phil Ronzone) > I'm not sure what the "DoD-style" words mean, but UNIX has been very deficient > for much serious commercial work due to the "simple-minded" approach it has > had. This may well be true. But for a large set of problems the existing UNIX security approach is quite sufficient. If you don't have the actual hardware secured it's overkill. > >Only if it's possible to turn everything off and go back to /etc/passwd > >and /etc/shadow, and a superuser. That way when something goes wrong you'll > >be able to boot from tape or floppy, edit a couple of files, and recover > >the system. > >Because something *will* go wrong. > I don't see what this has to do with security. I know of at least one case where a hard error in the user database for a system required sending a letter from the president of the user's company to the vendor to get them to explain how to regain access to the system. Security and convenience are opposed goals, and sometimes a system MUST be available. If *all* POSIX conformant systems come with a stronger security system than UNIX installed, it must be possible to set things up so that security system can be defeated and a new system set up with physical access to the hardware. It's acceptable for there to be some magic one-way juju that you can do to put the system into a highly secure state, but it should not come that way. I will neither purchase nor recommend any system I can't get into and rebuild the access system with a boot floppy and the console. -- Peter da Silva. `-_-' +1 713 274 5180. Volume-Number: Volume 20, Number 95