[net.unix-wizards] Semi-secure UNIX variant

jbn@wdl1.UUCP (John B. Nagle) (01/03/85)

     Substantial progress has been made toward a more secure version of UNIX.
See ``LINUS-IV --  an experiment in computer security'' in Proc. 1984
Symposium on Security and Privacy, IEEE Computer Society.

     A few quotes from the paper:

	"LINUS IV in the prototype stage is based on the 4.1 Berkeley
	System Distribution which runs on the VAX-11 series of computers."

	"The system creates a random but pronounceable password for the user."

	"The duties formerly held by the single superuser of UNIX are
	separated in LINUS IV into three separate special users.  The
	special users are system personnel that have distinct services
	to perform on behalf of the system and are:

		1.  the Security Officer

		2.  the Operator, and
	
		3.  the Administrator.

	These special LINUS IV users can still subvert the system but not
	without a good chance of recognition by the remaining special users."

	"When certain files contain too many privileges for the common user,
	the integrity of the system may suffer...  LINUS IV has a utility
	called INTEGRITY that compares the owner, group, and permissions
	for each file against an entry for that file in a central database.
	The INTEGRITY utility is invoked during system startup and periodically
	during system operation."

	"LINUS IV is intended to become evident to only two classes of 
	users; the system personnel and the system ``abusers''.  LINUS IV
	will attempt to alert the former, whenever possible, to the presence
	of the latter."


The author was Steven Kramer, who is now with AXIOM Technology.  I do not
have an address for him or AXIOM, which is not associated with this work.
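
The owner, group and permission comparison that the quoted INTEGRITY description outlines, as an added example; it is not LINUS IV code and does not come from the paper. The function names, the in-memory baseline dictionary standing in for the central database, and the sample files are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

FIELDS = ("owner", "group", "mode")

def snapshot(path):
    """Return (uid, gid, permission bits) for path, without following symlinks."""
    st = os.lstat(path)
    return (st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode))

def build_baseline(paths):
    """Record expected metadata per file; stands in for the central database."""
    return {p: snapshot(p) for p in paths}

def check_integrity(baseline):
    """Return (path, field, expected, actual) for every deviation from the baseline."""
    findings = []
    for path, expected in sorted(baseline.items()):
        try:
            actual = snapshot(path)
        except FileNotFoundError:
            findings.append((path, "missing", expected, None))
            continue
        for field, exp, act in zip(FIELDS, expected, actual):
            if exp != act:
                findings.append((path, field, exp, act))
    return findings

def demo():
    """Constructed scenario: one file gains world-write, one is removed, one is untouched."""
    with tempfile.TemporaryDirectory() as d:
        paths = [os.path.join(d, n) for n in ("passwd", "crontab", "motd")]
        for p in paths:
            with open(p, "w") as f:
                f.write("constructed sample\n")
            os.chmod(p, 0o644)
        baseline = build_baseline(paths)
        os.chmod(paths[0], 0o666)  # drift: file now has too many privileges
        os.remove(paths[1])        # drift: file no longer exists
        return [(os.path.basename(p), field, act)
                for p, field, _exp, act in check_integrity(baseline)]

if __name__ == "__main__":
    for name, field, actual in demo():
        shown = oct(actual) if field == "mode" else actual
        print(f"INTEGRITY: {name}: {field} -> {shown}")
```

Run at startup and on a schedule, as the quote describes, the findings list is what would be reported to system personnel.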