Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!lavaca.uh.edu!uhnix1!sugar!ficc!peter
From: peter@ficc.uu.net (Peter da Silva)
Newsgroups: comp.misc
Subject: Security (Re: the Multics from the black lagoon :-))
Message-ID: <39N16A5xds13@ficc.uu.net>
Date: 9 Feb 90 14:54:12 GMT
References: <8859@portia.Stanford.EDU> <20571@watdragon.waterloo.edu> <49956@sgi.sgi.com> <4791@helios.ee.lbl.gov> <2093@crdos1.crd.ge.COM> <1990Feb7.221800.804@utzoo.uucp> <33823@news.Think.COM>
Reply-To: peter@ficc.uu.net (Peter da Silva)
Organization: Xenix Support, FICC
Lines: 14

> One might argue that the hardware-supported security mechanisms
> aren't really required, but the hardware support is precisely what is
> needed to protect against viruses efficiently (see comp.virus for
> discussions about hardware support to limit the capabilities of programs to
> modify other programs);

Also note that all the capabilities being talked about in comp.virus are
available in UNIX simply by making the chmod() system call super-user
only. The exotic protection scheme of Multics is what kept it from being
reasonably portable, remember.

Also note the point that all the code-protection goes out thw window the
second you have an interpreted language... and you're back to depending on
the security of the language interpreter.
-- 
 _--_|\  Peter da Silva. +1 713 274 5180. <peter@ficc.uu.net>.
/      \
\_.--._/ Xenix Support -- it's not just a job, it's an adventure!
      v  "Have you hugged your wolf today?" `-_-'