Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.1 6/24/83; site mit-eddie.UUCP
Path: utzoo!linus!security!genrad!mit-eddie!barmar
From: barmar@mit-eddie.UUCP (Barry Margolin)
Newsgroups: net.unix-wizards
Subject: Re: CS Qualifier OS Question on Shells
Message-ID: <823@mit-eddie.UUCP>
Date: Tue, 18-Oct-83 01:14:29 EDT
Article-I.D.: mit-eddi.823
Posted: Tue Oct 18 01:14:29 1983
Date-Received: Tue, 18-Oct-83 23:28:52 EDT
References: <843@hou5e.UUCP>
Organization: MIT, Cambridge, MA
Lines: 13

I think that the trojan horse issue is a red herring (to throw together
a few euphemisms).  If someone can replace someone else's shell on a
system where the shell is a user program, then he can just as easily get
the victim to execute a program which simulates the shell on a system
where the real shell is in the kernal; both of them require making the
victim execute a command.  If this is not the case, then the OS has
serious security problems.  Therefore, since the user-level shell
provides more flexibility to those who need it, it is the obvious
choice.
-- 
			Barry Margolin
			ARPA: barmar@MIT-Multics
			UUCP: ..!genrad!mit-eddie!barmar