Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!cs.utexas.edu!execu!sequoia!rpp386!jfh
From: jfh@rpp386.Dallas.TX.US (John F. Haugh II)
Newsgroups: comp.unix.wizards
Subject: Re: What kinds of things would you want in the GNU OS?
Summary: On the road past C2 security ...
Message-ID: <16596@rpp386.Dallas.TX.US>
Date: 29 May 89 17:31:03 GMT
References: <106326@sun.Eng.Sun.COM> <10317@smoke.BRL.MIL> <106584@sun.Eng.Sun.COM> <11666@bloom-beacon.MIT.EDU>
Reply-To: jfh@rpp386.cactus.org (John F. Haugh II)
Organization: River Parishes Programming, Plano TX
Lines: 16

In article <11666@bloom-beacon.MIT.EDU> boomer@space.mit.edu (Don Alvarez) writes:
>                                  I'd say go ahead and leave
>/etc/passwd the way it is, but try to come up with a simple password-
>checker to make sure people don't use password=account-name couplets.

You can't make it to B1 secure with non-privileged user readable
encrypted passwords.

The Orange Book clearly outlines the requirements regarding
publically readable encrypted data.  I encourage anyone making
security decisions to read the book.
-- 
John F. Haugh II                        +-Button of the Week Club:-------------
VoiceNet: (512) 832-8832   Data: -8835  | "AIX is a three letter word,
InterNet: jfh@rpp386.Cactus.Org         |  and it's BLUE."
UucpNet : <backbone>!bigtex!rpp386!jfh  +--------------------------------------