Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!yetti!geac!daveb
From: daveb@geac.UUCP (Brown)
Newsgroups: comp.arch,comp.unix.wizards,comp.os.misc
Subject: GNU Security (was Re: FSF et all)
Message-ID: <1494@geac.UUCP>
Date: Mon, 28-Sep-87 09:05:45 EDT
Article-I.D.: geac.1494
Posted: Mon Sep 28 09:05:45 1987
Date-Received: Tue, 29-Sep-87 01:20:51 EDT
References: <4950@jade.BERKELEY.EDU> <2117@eecae.UUCP> <893@mcgill-vision.UUCP>
Reply-To: daveb@geac.UUCP (Dave Collier-Brown)
Organization: The little blue rock next to that twinkly star.
Lines: 36
Xref: mnetor comp.arch:2395 comp.unix.wizards:4546 comp.os.misc:249

In article <893@mcgill-vision.UUCP> mouse@mcgill-vision.UUCP (der Mouse) writes:
>In article <2117@eecae.UUCP>, lawitzke@eecae.UUCP (John Lawitzke) writes:
>>> Minix is v7 - (things you didn't know about, and don't want even if
>>> you did), the GNU kernel should be 4.3BSD + (things) - (security features).
>> The GNU kermel should be 4.3BSD + (things) + (security features)
>
>> What security features don't you want?
>In general, anything which serves no purpose but security.

  May I rephrase you to "minus @#%!$$!?&*! security features"?

  I'm a security-oriented type, but agree that the security "systems"
provided by most OS designers are horrible.  They get in the way of
doing usefull work, they restrict necessary administration, they
produce tons of audit reports, etc.
  On the other hand, I *have* used systems which run at a high level
of security and don't get in the way at all.  The one I'm thinking of
even keeps my boss from reading my mailbox (no small thing, even in a
system which meets the "orange book").

  The important things about security are:
	1) its pervasive (you can't get around it)
	2) its transparent (you don't need to get around it)

  The latter is **HARD**.  Failing to acheive it produces "@#%!$$!?&*!" 
security features, which I formally denigrate.

  GNUvians, feel free to improve security if you care to, but provide
means to make it transparent and, if necessary, hooks to disable it.
--dave

-- 
 David Collier-Brown.                 {mnetor|yetti|utgpu}!geac!daveb
 Geac Computers International Inc.,   |  Computer Science loses its
 350 Steelcase Road,Markham, Ontario, |  memory (if not its mind)
 CANADA, L3R 1B3 (416) 475-0525 x3279 |  every 6 months.