mcovingt@athena.cs.uga.edu (Michael A. Covington) (06/18/91)
It has been claimed repeatedly here in the last few days that sysadmins have a duty to make their computers as secure as possible. Well, back in pre-UNIX days, computers _were_ secure, and serious programmers (the kind of people who hang out here) didn't like it. You couldn't see any files other than your own... you couldn't run a process in the background... and so on. The notorious "insecurity" of UNIX is _versatility_. I'm amused that the same kind of people who hated secure operating systems when they had them, now claim operating systems should be more secure. -- ------------------------------------------------------- Michael A. Covington | Artificial Intelligence Programs The University of Georgia | Athens, GA 30602 U.S.A. -------------------------------------------------------
barmar@think.com (Barry Margolin) (06/18/91)
In article <1991Jun18.044351.8369@athena.cs.uga.edu> mcovingt@athena.cs.uga.edu (Michael A. Covington) writes: >Well, back in pre-UNIX days, computers _were_ secure, and serious >programmers (the kind of people who hang out here) didn't like it. >You couldn't see any files other than your own... you couldn't run >a process in the background... and so on. You seem to have a severely limited idea of what existed before Unix. Multics, probably the most secure general-purpose, commercial system that ever existed, was hardly that limited. You could see other users' files if they allowed you to, you could run background jobs, etc. >The notorious "insecurity" of UNIX is _versatility_. No, it's sloppiness. It's true that implementing both security and flexibility in the same system is hard. It requires a decent amount of careful design. Extreme security was not a high priority of the Unix designers (they were just throwing together a little OS for their personal use in a cooperative research environment), and it's difficult to graft good security onto an existing system. >I'm amused that the same kind of people who hated secure operating >systems when they had them, now claim operating systems should be >more secure. There are appropriate environments for both secure and insecure systems. One of the original goals of Multics was that it be used by commercial timesharing utilities; just as you don't want randoms to be able to tap your phone, you wouldn't want them to be able to snoop in your private files. On the other hand, in a cooperative research environment, security barriers between users are often just a pain in the neck. But if the research project is confidential, they'd still want to keep out intruders (e.g. corporate spies). -- Barry Margolin, Thinking Machines Corp. barmar@think.com {uunet,harvard}!think!barmar
cschmidt@lynx.northeastern.edu (06/22/91)
> Well, back in pre-UNIX days, computers _were_ secure, and serious > programmers (the kind of people who hang out here) didn't like it. > You couldn't see any files other than your own... you couldn't run > a process in the background... and so on. > > The notorious "insecurity" of UNIX is _versatility_. > > I'm amused that the same kind of people who hated secure operating > systems when they had them, now claim operating systems should be > more secure. The message quoted above contains one of the many lies about Unix that are responsible for its proliferation. An operating system can offer convenient resource sharing without being as insecure as Unix. I remember reading in early Unix release notes that Unix was designed for a "benign environment". The early Unix designers had different requirements then. To pretend that convenient resource sharing requires lax security is to live in a make-believe world. We programmers and our clients deserve better. Christopher Schmidt cschmidt@lynx.northeastern.edu
gast@maui.cs.ucla.edu (David Gast) (06/29/91)
In article <memo.1122425@lynx.northeastern.edu> cschmidt@lynx.northeastern.edu writes: >> Well, back in pre-UNIX days, computers _were_ secure, and serious >> programmers (the kind of people who hang out here) didn't like it. >> You couldn't see any files other than your own... you couldn't run >> a process in the background... and so on. >> I'm amused that the same kind of people who hated secure operating >> systems when they had them, now claim operating systems should be >> more secure. These other operating systems weren't secure either. There were all sorts of bugs and problems with them. Same with all operating systems today. David