Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!lll-winken!uunet!mcsun!ukc!axion!delluk!tim From: tim@delluk.uucp (Tim Wright) Newsgroups: comp.unix.sysv386 Subject: Re: UNIX and security Message-ID: Date: 10 Dec 90 09:55:21 GMT References: <2318@tabbs.UUCP> <1990Nov30.025126.12879@fiver> <168@raysnec.UUCP> Sender: usenet@delluk.uucp (Usenet posting login) Followup-To: alt.security Organization: Dell Computer Corp., Bracknell, UK Lines: 30 In <168@raysnec.UUCP> shwake@raysnec.UUCP (Ray Shwake) writes: >tim@delluk.uucp (Tim Wright) writes: >>As has been pointed out, MOST people running unix do NOT want any higher >>level security than is already provided. It only gets in the way. I get the >>distinct feeling that if you want "high" levels of security, you shouldn't >>be running unix in the first place. Any comments ? > Sorry, Tim, can't agree. Despite all the references to UNIX' "inherent >lack of security", even plain-vanilla UNIX supports a higher security >potential than many OS alternatives, even those of "commercial quality". Sorry Ray, I didn't make myself clear. I didn't mean to imply "Vanilla UNIX" was insecure. Far from it. I said that a well set up system probably gave as much security as most people wanted. Having thought about it and discussed it those who know considerably more about the subject than myself, I have changed my mind slightly. I'm not convinced that a vanilla system provides as much security as people need, but that the implementations of more secure versions have in general been so appalling (?sp) and detrimental to normal (i.e. familiar UNIX) system use as to render them unusable/not-used. I suppose I'd better shut-up here and redirect follow-ups to alt.security. Tim -- Tim Wright, Dell Computer Corp. (UK) | Email address Bracknell, Berkshire, RG12 1RW | Domain: tim@dell.co.uk Tel: +44-344-860456 | Uucp: ...!ukc!delluk!tim "What's the problem? You've got an IQ of six thousand, haven't you?"