Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!cs.utexas.edu!longway!std-unix From: peter@ficc.ferranti.com (peter da silva) Newsgroups: comp.std.unix Subject: Re: Standards Update, IEEE 1003.6: Security Message-ID: <794@longway.TIC.COM> Date: 6 Jul 90 14:38:32 GMT References: <757@longway.TIC.COM> <769@longway.TIC.COM> <780@longway.TIC.COM> <786@longway.TIC.COM> Sender: std-unix@longway.TIC.COM Reply-To: peter@ficc.ferranti.com (Peter da Silva) Organization: Xenix Support, FICC Lines: 35 Approved: jsq@longway.tic.com (Moderator, John S. Quarterman) From: peter@ficc.ferranti.com (peter da silva) In article <786@longway.TIC.COM> pkr@sgi.com (Phil Ronzone) writes: > In article <780@longway.TIC.COM> peter@ficc.ferranti.com (Peter da Silva) writes: > >This may well be true. But for a large set of problems the existing UNIX > >security approach is quite sufficient. If you don't have the actual hardware > >secured it's overkill. > I disagree - secure software, from the boot code on, is very effective. I'm sure it is. An SR71 is very effective, too, but I find a 747 a whole lot more convenient for a trip to Hawaii. > >Security and convenience are opposed goals, and sometimes a system > >MUST be available. > I disagree again -- I think the recent Internet worm is an example of why. What do you disagree with? That security and convenience are opposed goals, or that sometimes a system MUST be available? And why? (what the internet worm has to do with anything is another question. There have been similar incidents on systems with tighter security requirements, such as the DECNET WANK incident or the CHRISTMAS TREE virus. For that matter I have laid out the preliminary design for a virus that can propogate via Usenet source archives. And from what I know of the internet worm it would have spread pretty near as fast if sendmail didn't run under root permissions. start with a non-sequiter and I guess you can prove anything) -- Peter da Silva. `-_-' +1 713 274 5180. Volume-Number: Volume 20, Number 108