martillo@athena.mit.edu (Yakim Martillo) (06/27/87)
I have noticed a discussion in this group about VMS security. Now I have not been a frequent user of VMS but my experience has been that it is fairly easy to break security if one has an account on the machine and a little harder if one does not. Further, VMS does not offer the type of multi-level security on a given host which military projects tend to demand. If the environment is networked, VMS security has security holes all over the place because as I remember only link level security was offered and only via a separate box. Since with the development of workstations, almost every form of computing has become distributed computing, any system which does not offer security apparatus at every protocol level should probably be considered totally insecure. Of course, this is not specifically a VMS problem. Unix, Primos and almost every other system I have used has no security in the distributed environment. I believe DEC has a secure distributed system maybe called Amoeba.