Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!mit-eddie!genrad!decvax!ucbvax!SUSHI.STANFORD.EDU!PALLAS
From: PALLAS@SUSHI.STANFORD.EDU.UUCP
Newsgroups: mod.protocols.tcp-ip
Subject: Re: My Broadcast
Message-ID: <12292375789.16.PALLAS@Sushi.Stanford.EDU>
Date: Mon, 6-Apr-87 11:36:56 EST
Article-I.D.: Sushi.12292375789.16.PALLAS
Posted: Mon Apr  6 11:36:56 1987
Date-Received: Wed, 8-Apr-87 04:37:19 EST
References: <12292273571.8.MRC@PANDA>
Sender: daemon@ucbvax.BERKELEY.EDU
Distribution: world
Organization: The ARPA Internet
Lines: 26
Approved: tcp-ip@sri-nic.arpa

I see that, as usual, Mark Crispin has tried to turn a constructive
discussion into a diatribe against Unix.  If there's a point to his
flame, however, it escapes me.  It does bear an entertaining
resemblance to some conspiracy theories I've heard, I must admit.

    Crispin's definition of a "somewhat secure operating system":
    A "somewhat secure operating system" is one that, given an
    intelligent system management that does not commit a blunder that
    compromises security, would withstand an attack by one of its
    architects for at least an hour.

"You stupid fool, who told you to turn the damn thing on?!?"

    Crispin's definition of a "moderately secure operating system": a
    "moderately secure operating system" is one that would withstand
    an attack by one of its architects for at least an hour even if
    the management of the system are total idiots who make every
    mistake in the book.

The first mistake in the book is to believe that the security of the
operating system implies the security of the data, or rather that the
system is an isolated entity which can be made "secure" independent of
its environment.

joe
-------