Xref: utzoo comp.sys.amiga:74291 alt.religion.computers:2203 Path: utzoo!utgpu!cs.utexas.edu!uunet!world!bzs From: bzs@world.std.com (Barry Shein) Newsgroups: comp.sys.amiga,alt.religion.computers Subject: Re: A3000UX competition Message-ID: Date: 13 Dec 90 04:23:38 GMT References: <86470@tut.cis.ohio-state.edu> <12003@hubcap.clemson.edu> <36449@cup.portal.com> <1990Dec2.153612.28555@zorch.SF-Bay.ORG> <36488@cup.portal.com> <1990Dec11.164431.819@jarvis.csri.toronto.edu> <16482@cbmvax.commodore.com> Sender: bzs@world.std.com (Barry Shein) Organization: The World Lines: 76 In-Reply-To: martin@cbmvax.commodore.com's message of 12 Dec 90 16:18:43 GMT From: martin@cbmvax.commodore.com (Martin Hunt) >Whichever, distributing >sources is a good thing in an academic environment, but a very bad idea >if you are trying to capture the business market. Hey! Who let the MBA in? And I suppose you're next going to argue that auto manufacturers should put their own locks on car hoods to help capture the business markets? Look, all OS's have bugs. Many are tolerable. Most are tolerable by most people. But if you're the site that has to virtually shut down operations because of a security flaw which doesn't seem to bother that many other sites (e.g. if it's an internet break-in opportunity, most customers won't be on the internet) then you're in trouble w/o the sources. Beyond that kind of extreme situation there are many shades of gray. None of this is peculiar to Unix, everything I say could apply to VMS, AOS/VS etc. Systems with absolutely no security, like DOS or Macs (or Amigas I assume, but I don't know Amiga/OS), are obviously excluded from these examples. I don't know of any OS, for example, which gives much control over when someone can log in. Say you have operators with (some) privileges and would rather not have them logging in off-shift. Do you know any OS which lets you put that kind of logic in? (Oh, under most I can write scripts which disable accounts at various times, but I get to monkey around with some things which are fraught with peril.) (I assume someone will say "so ask them not to log in off-shift", a logic I agree with, but just an example.) So you tell the vendor, and the answer is "we don't have too many customers who want that (they always know exactly what their customers want, until someone comes in to auction off the furniture), so forget it". One compromise I've called for for years is that the sources to certain critical applications, such as login and password checking modules, should be supplied as source (certain pieces, like the encryption stuff, might not, just appear as library calls, but the mainline logic at any rate.) If I want to add code to demand longer passwords, or a secondary password if I think it's a really odd time (or place) for this particular person to be logging in, why should it be so difficult? What's the big deal? There probably aren't any big deal trade secrets in the login sources (in fact, I know Unix' login sources quite well, they're quite boring and predictable, which is good!) It's this binary mentality that either you get all the sources, or none that goads me. How about a few device driver sources? Some windows applications (admittedly some vendors do make these available, tho it's usually just the most trivial cases)? Is this sort of stuff really the family jewels? Not likely. Fortunately this situation is changing itself within the Unix community as almost everything you might want is available as a freely distributable source equivalent. I can't help but wonder where the motivation to write all those free-source clones comes from if there's really no need. -- -Barry Shein Software Tool & Die | {xylogics,uunet}!world!bzs | bzs@world.std.com Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD