Path: utzoo!mnetor!uunet!husc6!rutgers!iuvax!bsu-cs!dhesi From: dhesi@bsu-cs.UUCP (Rahul Dhesi) Newsgroups: comp.os.vms Subject: Re: security holes Message-ID: <1750@bsu-cs.UUCP> Date: 29 Dec 87 19:38:37 GMT References: <8712291637.AA21265@ucbvax.Berkeley.EDU> Reply-To: dhesi@bsu-cs.UUCP (Rahul Dhesi) Organization: CS Dept, Ball St U, Muncie, Indiana Lines: 30 In article <8712291637.AA21265@ucbvax.Berkeley.EDU> "NTVAXA::AC02" writes: > By the way UNIX security is real joke, VMS security is light-years better. I question this generalization. As simple illustrative examples, consider two points: a. On all UNIX systems I've ever used, I have always included one or more control characters or special characters in my password, making it impossible to guess using the dictionary approach. VMS complains of a syntax error when I do this. So under UNIX, I could take an easy-to-remember password like "indiana" and make it secure by changing a character to a control character, or inserting a special character, as in "indi^Ana" or "in&diana", without making it hard to remember. Under VMS I have to come up with some meaningless concoction like "kyep-morg-arrgh" which, while guaranteed pronounceable by VMS, is also guaranteed impossible to remember. b. Under UNIX, an unprivileged user can make a program available to the public yet any data files used by the program can be writable by the program but not directly writable by other users. Under VMS unprivileged users can't do this, so they have to "hide" their files by giving them long names, and hope nobody figures out these names. Once in a while I type "show device/files" and am amused to see such files listed there for all to see. This is not meant to start another UNIX/VMS war but any time you make such a rash generalization you are inviting counter-examples. -- Rahul Dhesi UUCP: !{iuvax,pur-ee,uunet}!bsu-cs!dhesi