Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!usc!csun!kithrup!sef
From: sef@kithrup.COM (Sean Eric Fagan)
Newsgroups: comp.unix.sysv386
Subject: Re: SCO doesn't sell UNIX
Message-ID: <1990Dec08.224008.829@kithrup.COM>
Date: 8 Dec 90 22:40:08 GMT
References: <1990Dec1.223750.16286@NCoast.ORG> <275A9A50.3F3F@tct.uucp> <2341@tabbs.UUCP>
Organization: Kithrup Enterprises, Ltd.
Lines: 41

In article <2341@tabbs.UUCP> aris@tabbs.UUCP (Aris Stathakis) writes:
>End users will be
>demanding it, and we'll have to provide it.  

Uhm, I'm an end user, and I'm certainly not demanding it.

What makes you think that SCO's C2 stuff makes it more secure?  As far as I
can tell, the stuff that helps the security is the password stuff:  it
checks for certain obvious passwords, will tell you if your password is a
"good" one or not, and can be set to expire passwords.  (I don't know about
the latter one, actually.  There *are* certain passwords you want to change
regularly [such as root, for example], but if you expire passwords and force
users to change their passwords on a regular basis, they're likely to just
switch between two passwords.)  The fact that it can take a longer string
than 8 characters is also good.

The luid stuff is mostly for accounting; I can come up with some
circumstances where it would prevent some things from happening, but the
bother is far more than it's worth.  (Try playing with a pseudo-user's
crontab entry, for example.  Unless you want to futz with sending the
appropriate signals and stuff to cron, you *can't*.)

I know of nobody who ever enables the auditing (and I end up exchanging
email with a *lot* of SCO users).  It eats up too much disk space.

>Maybe not now, but 2 years
>down the line I think all UNIX systems will have a C2 or better
>security rating.  

SCO doesn't have any rating at all for their UNIX.  Not C2, not B, not even
D1.  Other people have explained why this is so, so I won't.

The implementation of C2 that SCO went with *sucks*.

In my other life, I officially endorse C2.

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef@kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.