SCO Unix security features (WAS Re: SCO UNIX 3.2 Failure: df Command)
John Pettitt
jpp at specialix.co.uk
Tue Aug 14 00:31:57 AEST 1990
Some comments on the C2 debate:
We are running C2 SCO Unix here, in a traditional developemt
environment (lots of users + several sysadm people with kernel
skills). On the whole we have found C2 to be a waste of space
because the sort of things we need are not there !
To explain further:
a) The average commercial site does not need fancy logs that nobody
is going to read.
b) ditto subsystem authorizations.
c) We DO NEED control over who can login on any terminal (I would
like to limit modem access to authorized users). I used to be able
to do this with a dialup passwd and SCO tok it out of the `secure
UNIX' (I know it's back now).
d) We DO NEED clear, automatic security reporting - We have scripts
that mail the postmaster a list of all modem activity, bad su attempts
(fails and attempts from users not on a valid list) etc etc. We
had to write our own scripts to do this.
We are not running imbedded system like Ronald, we have two of our
internal systems running SCO Unix with 45 users between them.
If anybody at SCO want's to take this further I will be at Forum
next week.
--
John Pettitt, Specialix International,
Email: jpp at specialix.com Tel +44 (0) 9323 54254 Fax +44 (0) 9323 52781
Disclaimer: Me, say that ? Never, it's a forged posting !
More information about the Comp.unix.i386
mailing list