peter@ficc.uu.net (Peter da Silva) (10/02/89)
I made the claim that there have been no security holes reported for System V. > What about the one that lets any user trivially truncate the password > file? And lets the real clever get root access? OK, one. And this one is trivially avoided by moving /tmp off the root partition. Which is pretty important to security anyway. For DOS, there is NO way to keep a user program from writing anywhere in memory, on the disk, and so on. Like I said, you can't *stop* a dedicated, smart, and patient attacker. You can slow them down, and you can stop the casual, stupid, or hasty ones. As delivered, even Berkeley UNIX is more secure than the best secured DOS system. -- Peter da Silva, *NIX support guy @ Ferranti International Controls Corporation. Biz: peter@ficc.uu.net, +1 713 274 5180. Fun: peter@sugar.hackercorp.com. `-_-' "That is not the Usenet tradition, but it's a solidly-entrenched U delusion now." -- brian@ucsd.Edu (Brian Kantor)
bill@twwells.com (T. William Wells) (10/03/89)
In article <6383@ficc.uu.net> peter@ficc.uu.net (Peter da Silva) writes:
: I made the claim that there have been no security holes reported for
: System V.
:
: > What about the one that lets any user trivially truncate the password
: > file? And lets the real clever get root access?
:
: OK, one.
Nope. Two. I'll tell you about it in e-mail, since I can't think of a
hint that won't just give it away.
Not to be nitpicky, but SysV isn't all *that* secure.
: As delivered, even Berkeley UNIX is more secure than the best secured
: DOS system.
No argument there. But it is kind of irrelevant since it is a
comparison of apples and oranges. DOS is single user; a single user
UNIX system is, in general, just as insecure as a DOS machine: both
are equally subject to opening the case and fiddling with the
hardware....
Not defending DOS at all: if I didn't have to use it on occasion at
work, I'd never touch it at all. I'd rather use CPM. :-)
---
Bill { uunet | novavax | ankh | sunvice } !twwells!bill
bill@twwells.competer@ficc.uu.net (Peter da Silva) (10/04/89)
In article <1989Oct3.152433.238@twwells.com>, bill@twwells.com (T. William Wells) writes: > Not to be nitpicky, but SysV isn't all *that* secure. Well, it's better than BSD, and miles better than DOS. And apparently SCO is doing a C2 UNIX. > No argument there. But it is kind of irrelevant since it is a > comparison of apples and oranges. DOS is single user... Well, in two contexts it's relevant. Viruses and DOS networks. A network is a multi-user environment. > Not defending DOS at all: if I didn't have to use it on occasion at > work, I'd never touch it at all. I'd rather use CPM. :-) I used to say things like that, but it's been a long time since it's really been true. DOS 2.x is better than CP/M-80. I gave up trying to keep track of CP/M-86. -- Peter da Silva, *NIX support guy @ Ferranti International Controls Corporation. Biz: peter@ficc.uu.net, +1 713 274 5180. Fun: peter@sugar.hackercorp.com. `-_-' "That is not the Usenet tradition, but it's a solidly-entrenched U delusion now." -- brian@ucsd.Edu (Brian Kantor)