Path: utzoo!attcan!uunet!visenix!beattie From: beattie@visenix.UUCP (Brian Beattie) Newsgroups: comp.unix.sysv386 Subject: Re: SCO doesn't sell UNIX Message-ID: <876@visenix.UUCP> Date: 12 Dec 90 13:50:20 GMT References: <1990Dec08.224008.829@kithrup.COM> <18804@rpp386.cactus.org> Reply-To: beattie@visenix.UUCP (Brian Beattie) Organization: Department of Redundancy Department Lines: 41 In article <18804@rpp386.cactus.org> jfh@rpp386.cactus.org (John F Haugh II) writes: -In article drmorris@athena.mit.edu (David R Morrison) writes: ->I wrestled with SCO last summer, and what amused me most was that they ->went to an extreme to make the machine (kernel/os) secure, and practicly ->ignored making a distributed system secure. I read this as "making a delivered system secure". - -Technically speaking, there is no such thing as a secure distributed Bzzzzzzzt I'm sorry but that is not correct. :-) -system. The Orange Book does not address network O/S's and once you -connect your machine to another, all bets were off. It is The Red Book disscusses this issue. Although John is correct with respect to the Orange Book, in that if you have an ethernet or a modem or a pad or the like your system is outside the scope of the Orange Book. That is not to say that it is insecure, just that it does not meet the requirements of a TCB (Trusted Computing Base) as described in the Orange Book. - ->This is a C2 secure system? - -No. It's a bunch of stuff someone decided to market as a C2 system. And a pretty poor example of what can be done at that. --- -John F. Haugh II UUCP: ...!cs.utexas.edu!rpp386!jfh -Ma Bell: (512) 832-8832 Domain: jfh@rpp386.cactus.org -- It is easier to build a | Brian Beattie (703)471-7552 secure system than it is | 11525 Hickory Cluster, Reston, VA. 22090 to build a correct system.| M. Gasser | ...uunet!visenix!beattie