Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!apple!oliveb!sun!arabian!jamesa From: jamesa@arabian.Sun.COM (James D. Allen) Newsgroups: comp.unix.wizards Subject: Re: GNU, security, and RMS Message-ID: <107977@sun.Eng.Sun.COM> Date: 4 Jun 89 03:47:58 GMT References: <106326@sun.Eng.Sun.COM> <422@ladcgw.ladc.bull.com> <13688@ncoast.ORG> <29457@ucbvax.BERKELEY.EDU> Sender: news@sun.Eng.Sun.COM Lines: 61 In article <2322@thor.acc.stolaf.edu> mike@stolaf.edu (Mike Haertel) writes: > > (1) Anyone who thinks a UNIX-compatible system can be `secure' has > some serious delusions. Timing windows and covert channels abound. Help stamp out covert channels! I don't care what text-editor my computer runs as long as KGB agents can't use it to send messages to Moscow Central. In article <29457@ucbvax.BERKELEY.EDU>, haynes@ucbarpa.Berkeley.EDU (Jim Haynes) writes: > In article <2322@thor.acc.stolaf.edu> mike@stolaf.edu writes: > > > >(2) There should not be security among the users of a computer system. > > The principal use I have seen security put to has been the self- > > aggrandizement of system administrators at the expense of the > > user community. (I agree that in some situations it is reasonable > > to have security to keep out outsiders, though.) Bravo! I'll do an occasional % chmod 600 Personal_little_black_book to discourage casual snooping, but I always make /dev/mem and /dev/disk `rw-r--r--'. If a user wants to write his own improved `df' or `ps', more power to him. > > Well, you have a right to your opinion; but a corollary of this belief > is that all the users of a computer system have to be mutually friendly > and responsible and trust one another. Which sounds like the mythical > home town where people don't need to lock the doors when they leave home. Rare perhaps in 1990 U.S.A., but "mythical"? Boy. I guess one way to cope with cynicism is to believe things are this bad everywhe{n,re}. > > I claim the right to remain highly skeptical when the user community is > a collection of college students of widely varying backgrounds, political > beliefs, sexual orientations, maturities, academic abilities, etc. Oh, I was wondering how different organizations used the group_id. Let me guess: % cat /etc/group fhetero:*:1: mhetero:*:2: fhomo:*:-2: mhomo:*:-3: boviphile:*:-4: I suppose Berkeley invented setgroups() to accommodate bisexuals. + In article <3, I think> jfh@rpp386.cactus.org (John F. Haugh II) writes: + + I think [a previous poster] meant getting rid of UID == 0 being a + + privileged user. Again, this an Orange Book requirement. Orange Book? Oh, you mean the people that brought us the B-1 Bomber and the Iranian secret police. Right on! Let Noriega export billions of $ of cocaine to North America, just don't tell him the root password. > -- > Mike Haertel > ``There's nothing remarkable about it. All one has to do is hit the right > keys at the right time and the instrument plays itself.'' -- J. S. Bach So JS Bach was a Unix hacker! It wasn't mentioned in his biography.