SCO Unix security features
Brandon S. Allbery KB8JRR/KT
allbery at NCoast.ORG
Fri Aug 17 03:45:14 AEST 1990
As quoted from <881 at mwtech.UUCP> by martin at mwtech.UUCP (Martin Weitzel):
+---------------
| In article <165 at edat.UUCP> root at edat.UUCP (Superuser) writes:
| Isn't one of the key principles of C2 security the following:
|
| SECURITY MUST NOT BE ACHIEVED BY OBSCURITY
|
| or in other words: Isn't any C2-secure system obliged to describe
| each and any method *how* their (until then only claimed) security
| is implemented?
+---------------
This obscurity isn't intended to enhance security; it's just SCO keeping its
(l)users fat, dumb, and happy. I suspect the usual slaughter will follow at
some point as well....
+---------------
| system which documents its implementation in such a way that you can
| not find easily what you are looking for, may well be considered as
| one which trys to achieve security by obscurity and hence is *NOT*
| C2.)
+---------------
The manuals in question didn't even come with my system. (grrr) And even
with them, I have yet to find out how to do anything without writing a C
program, to be run as root in order to have permissions to massage the
authorizations database.
And you still haven't answered my biggest question: why do I have to put up
with this *at all* when the machines I have to install and maintain this on
need nothing more than simple group vectors and /etc/shadow?
++Brandon
--
Me: Brandon S. Allbery VHF: KB8JRR/KT on 220 (soon others)
Internet: allbery at NCoast.ORG Delphi: ALLBERY
uunet!usenet.ins.cwru.edu!ncoast!allbery America OnLine: KB8JRR
More information about the Comp.unix.i386
mailing list