Xref: utzoo comp.unix.internals:2337 comp.unix.admin:1217 Newsgroups: comp.unix.internals,comp.unix.admin Path: utzoo!utgpu!cunews!micor!latour!ecicrl!eci386!woods From: woods@eci386.uucp (Greg A. Woods) Subject: Re: Unix security additions Message-ID: <1991Mar14.230944.9184@eci386.uucp> Reply-To: woods@eci386.UUCP (Greg A. Woods) Organization: Elegant Communications Inc. References: <39950@cup.portal.com> Date: Thu, 14 Mar 91 23:09:44 GMT In article <39950@cup.portal.com> PLS@cup.portal.com (Paul L Schauble) writes: > When unix was first developed, the system gave only minimal attention to > security issues. Lately, this has been a hot topic and a lot of work has > been done to improve Unix security. Excuse me, but IMHO, when UNIX was first developed, *more* attention was put into careful consideration of security issues than with almost any other system of its time (except maybe for MULTICS). A significant patent was even granted to one of the inventors for a very innovative systems security technique. > I'm curious: What do you think are the five most significant changes or > additions that have been made to Unix to improve its security? The most significant "things" that have affected UNIX security in the past few years are the perpetuation of myths about how insecure some people perceive UNIX to be. In addition, partially because of a large amount of ignorance, UNIX security has been mangled by well meaning vendors who were pushed by clients who believed the myths. The only other significant thing I can think of is "the network". Many network tools have introduced significant security problems to UNIX where none existed in isolated systems. Eg. sendmail, finger, & nfs. Of course the things most people might have been thinking of are the various implementations of "Orange Book" security features for UNIX. -- Greg A. Woods woods@{eci386,gate,robohack,ontmoh,tmsoft}.UUCP ECI and UniForum Canada +1-416-443-1734 [h] +1-416-595-5425 [w] VE3TCP Toronto, Ontario CANADA Political speech and writing are largely the defense of the indefensible-ORWELL