Xref: utzoo comp.unix.wizards:6818 comp.os.vms:5082
Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!ptsfa!pacbell!att-ih!ihnp4!inuxc!iuvax!bsu-cs!dhesi
From: dhesi@bsu-cs.UUCP (Rahul Dhesi)
Newsgroups: comp.unix.wizards,comp.os.vms
Subject: Re: Help us defend against VMS!
Message-ID: <2261@bsu-cs.UUCP>
Date: 3 Mar 88 05:22:04 GMT
References: <1636@tulum.UUCP> <68@musky2.MUSKINGUM.EDU>
Reply-To: dhesi@bsu-cs.UUCP (Rahul Dhesi)
Organization: CS Dept, Ball St U, Muncie, Indiana
Lines: 23
Summary: Some homely philosophy

In article <68@musky2.MUSKINGUM.EDU> terrell@musky2.UUCP (Roger Terrell) writes:
>
>VMS ADVANTAGES:
>   - VMS is much more secure, although this does not mean much in an
>academic environment unless there is a lot of research and/or the
>administrative people are paranoid.

There is a widely-held belief that the less an environment allows
people to do, the more secure it must be.  By this strange definition,
the ultimate in security is achieved by not letting anybody log in at
all.  VMS wins very easily, then, since each user's authorization
record has a DISUSER field.  In one fell swoop you can disuser all your
users, since the relevant command will accept wildcards.

However, I prefer to believe that the more you can let your users do
without harming the system, the better your system's security is.  The
ideal secure system would put no restrictions at all on what users
could do, yet it would not be maliciously crashable or allow privacy to
be breached.  (It would also unfortunately succomb to Russell's or a
similar paradox and presumably vanish in a puff of logic.)

UNIX does come pretty close, though.
-- 
Rahul Dhesi         UUCP:  <backbones>!{iuvax,pur-ee,uunet}!bsu-cs!dhesi