Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!indetech!fiver!palowoda From: palowoda@fiver (Bob Palowoda) Newsgroups: comp.unix.sysv386 Subject: Re: UNIX and security Message-ID: <1990Dec7.215727.23696@fiver> Date: 7 Dec 90 21:57:27 GMT References: <168@raysnec.UUCP> Organization: Fiver Communications, Fremont, Ca Lines: 33 From article <168@raysnec.UUCP>, by shwake@raysnec.UUCP (Ray Shwake): > tim@delluk.uucp (Tim Wright) writes: > >>As has been pointed out, MOST people running unix do NOT want any higher >>level security than is already provided. It only gets in the way. I get the >>distinct feeling that if you want "high" levels of security, you shouldn't >>be running unix in the first place. Any comments ? > > Sorry, Tim, can't agree. Despite all the references to UNIX' "inherent > lack of security", even plain-vanilla UNIX supports a higher security > potential than many OS alternatives, even those of "commercial quality". > How one exploits that potential, however, is another matter. Of course, one > must distinguish between security weaknesses inherent in the operating system > from those associated with add-ons (e.g. sendmail). > > Yes, many people do NOT want a higher level of security than is > already provided, since security costs in both human and system resources > without obvious benefit - at least, not until you need it! I was under the impression that (at least with SCO's UNIX) you have to buy C2. Or am I wrong here. If this is the case how can one measure the cost benefit? How much does Secureware addin cost in other versions? How do you know how much it costs? What's the prices average price difference between SysV/MLS and SysV? ---Bob -- Bob Palowoda palowoda@fiver | *Home of Fiver BBS* Home {sun}!ys2!fiver!palowoda | 415-623-8809 1200/2400 {pacbell}!indetech!fiver!palowoda | An XBBS System Work {sun,pyramid,decwrl}!megatest!palowoda| 415-623-8806 1200/2400/19.2k TB+