peter@ficc.uu.net (Peter da Silva) (12/19/89)
Hey folks, flaming about security is fun. But it's not very interesting. How about stepping back a few paces and looking at the subject line. How about: Trashing /etc/group? Trashing most of /etc/passwd? Drastic changes to UNIX file semantics, like ACLs? How about file version numbers? How about file passwords? -- `-_-' Peter da Silva. +1 713 274 5180. <peter@ficc.uu.net>. 'U` Also <peter@ficc.lonestar.org> or <peter@sugar.lonestar.org>. "It was just dumb luck that Unix managed to break through the Stupidity Barrier and become popular in spite of its inherent elegance." -- gavin@krypton.sgi.com
schwartz@psuvax1.cs.psu.edu (Scott Schwartz) (12/19/89)
In article <7348@ficc.uu.net> peter@ficc.uu.net (Peter da Silva) writes: >How about: > Drastic changes to UNIX file semantics, like ACLs? Do this. It is a huge win. Anyone who has used a system with well supported ACLs (Pr1mos and Aegis are ones that I have) will agree with this. Anyone who objects to this will be required to indicate where they've used it previously. Most people I've argued with have never tried Multics-style acls, and don't know what they are missing. > How about file passwords? As in, supply a passwd to read a file? Major lossage...don't do this. Primos had this too, and using it was the best way to have no security at all. You wind up with applications that "know" the password so they can read certain files. Torture the application a little, and the password is yours. If you must use filesystem based techniques for this kind of thing, setuid applications are whole bunches better, and more elegant too. (Note, I didn't say setuid _root_, so calm down before hitting 'F' :-) -- Scott Schwartz <schwartz@shire.cs.psu.edu> "More mips; cheaper mips; never too many." -- John Mashey