jbn@wdl1.UUCP (John B. Nagle) (01/03/85)
Substantial progress has been made toward a more secure version of UNIX. See ``LINUS-IV -- an experiment in computer security'' in Proc. 1984 Symposium on Security and Privacy, IEEE Computer Society. A few quotes from the paper: "LINUS IV in the prototype stage is based on the 4.1 Berkeley System Distribution which runs on the VAX-11 series of computers." "The system creates a random but pronouncable password for the user." "The duties formerly held by the single superuser of UNIX are separated in LINUS IV into three separate special users. The special users are system personnel that have distinct services to perform on behalf of the system and are: 1. the Security Officer 2. the Operator, and 3. the Administrator. These special LINUS IV users can still subvert the system but not without a good chance of recognition by the remaining special users." "When certain files contain too many privileges for the common user, the integrity of the system may suffer... LINUS IV has a utility called INTEGRITY that compares the owner, group, and permissions for each file against an entry for that file in a central database. The INTEGRITY utility is invoked during system startup and periodically during system operation." "LINUS IV is intended to become evident to only two classes of users; the system personnel and the system ``abusers''. LINUS IV will attempt to alert the former, whenever possible, to the presence of the latter." The author was Steven Kramer, who is now with AXIOM Technology. I do not have an address for him or AXIOM, which is not associated with this work.