Path: utzoo!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!zaphod.mps.ohio-state.edu!swrinde!elroy.jpl.nasa.gov!decwrl!pa.dec.com!hollie.rdg.dec.com!jch
From: jch@hollie.rdg.dec.com (John Haxby)
Newsgroups: comp.unix.ultrix
Subject: Re: ENHANCED SECURITY ULTRIX 4.1
Message-ID: <1991Mar7.085303.7508@hollie.rdg.dec.com>
Date: 7 Mar 91 08:53:03 GMT
References: <1991Mar6.212110.22576@mlb.semi.harris.com>
Sender: news@hollie.rdg.dec.com (Mr News)
Reply-To: jch@hollie.rdg.dec.com (John Haxby)
Organization: Digital Equipment Corporation
Lines: 18


In article <1991Mar6.212110.22576@mlb.semi.harris.com>, dcb@dave.mis.semi.harris.com (Dave Brillhart) writes:
|>   o  All passwords become invalid and are non-recoverable.

Because they are stored somewhere else and using a different
encryption algorithm.

|>   o  You cannot su to a priv account from a non-secure terminal.

Terminals can be "trusted" as well as "secure"

The security features are hideously complicated (not
a three state variable), so you will need a fair amount
of luck.
-- 
John Haxby, Definitively Wrong.
Digital				<jch@wessex.rdg.dec.com>
Reading, England		<...!ukc!wessex!jch>