Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!mcsun!hp4nl!svin02!eba!ebs!wjw
From: wjw@ebs.eb.ele.tue.nl (Willem Jan Withagen)
Newsgroups: comp.sys.apollo
Subject: Re: COPS on the Apollo
Message-ID: <1094@eba.eb.ele.tue.nl>
Date: 18 Feb 91 10:10:49 GMT
References: <1991Feb15.133303.11982@bnr.ca>
Sender: news@eb.ele.tue.nl (The News system)
Organization: Eindhoven University of Technology, The Netherlands
Lines: 22

In article <1991Feb15.133303.11982@bnr.ca> scalera@batpa15.bnr.ca (Eric Scalera) writes:
=>Has anybody been successful in running COPS in the Apollo environment?

Yes, we have. 
But since Apollo's do not adhere to the very limitted Unix protection scheme
( no flames, please :-) ) is there only a modest degree of confidence in the
outcome of the test. I've always wanted to look further into this, but one of
the things which limit this process is the ommision of user-usable system-calls
to read the ACL's on files, etc. (Are you listening APOLLO !!).
Even then are the results no 100% reliable, since the are things like
protected subsystems. But it would cover most of the very obvious holes.

Next to that has the security-checker (kuang) to be extended, since there are 
more options of getting to a single objective. But this is not as hard as it
seems.

Ciao,
	Willem Jan Withagen
Eindhoven University of Technology   DomainName:  wjw@eb.ele.tue.nl    
Digital Systems Group, Room EH 10.10 
P.O. 513                             Tel: +31-40-473401
5600 MB Eindhoven                    The Netherlands