Path: utzoo!mnetor!uunet!husc6!tut.cis.ohio-state.edu!bloom-beacon!mit-eddie!uw-beaver!tikal!sigma!sea375!dave
From: dave@sea375.UUCP (David A. Wilson)
Newsgroups: comp.os.vms
Subject: Re: Help us defend against VMS!
Message-ID: <176@sea375.UUCP>
Date: 22 Mar 88 05:15:30 GMT
References: <2886@enea.se>
Organization: At Home in Seattle, WA
Lines: 19

in article <2886@enea.se>, sommar@enea.se (Erland Sommarskog) says:
> 
> I wouldn't say that it's ridiculous. VMS 4.3, was approved for the C2 
> level of security. Unix is not even near of this.

Gould has developed a Unix system that is also C2. Almost any Unix system can
be made C2 without great difficulty. Berkeley-style multiple group membership
can provide very effective security, if /etc/group is carefully administered
and root access is strictly limited. Some simple changes to the kernal could
easily provide priviledged groups for some functions that are currently
restricted to superuser only.

I still haven't see a convincing argument to the claim that access-lists are
more secure than user/group/other style permissions(where multiple group
membership is allowed).

-- 
	David A. Wilson
	uw-beaver!tikal!slab!sea375!dave