Unix (In)Security

[Henry Spencer]

> Another comment made by the speaker was that there have been 5 attempts
> at generating secure Unix kernels.  All attempts have not been successful
> and 4 have been aborted.  ...

This simply reflects Unix's status as the preferred operating system to
try to re-implement, if you are trying to re-implement something.  *Most*
(all?) secure-kernel projects have been failures.  Many of them have been
based on Unix.  So it's hardly suprising that the number sounds impressive.

Yes, there are security holes in Unix, as distributed.  By and large, they
are curable once you know they are there.  It helps if the underlying system
is reasonably stable, so you get a chance to find and fix the bugs; security
bugs in 4.2BSD are hardly suprising, since so much of the kernel was not
thoroughly tested at release time.
-- 
				Henry Spencer @ U of Toronto Zoology
				{allegra,ihnp4,linus,decvax}!utzoo!henry