Getting rid of the root account
John F. Haugh II
jfh at rpp386.Dallas.TX.US
Tue Jun 6 16:10:42 AEST 1989
In article <1961 at ubu.warwick.UUCP> mirk at uk.ac.warwick.cs (Mike Taylor) writes:
>Uuuh, are you sure? There seems to be a prevailing feeling that the
>whole of UNIX is something that was cobbled together ar random by
>people writing bits without thinking about whether or not they were
>secure, made sense or whatever.
I would suspect that stopped being the official feeling of AT&T when
UNIX became a commercial product. Commercial operating systems need
to have security features so that buyers will pay real money for
them ...
> While this is largely true of
>Berkeley UNIX, or at least, of those bits that have been added since
>V7, the concept of a root id belongs to fundamental core UNIX, it is
>one of the concepts that Thompson, Richie and friends though long and
>hard about when they were designing UNIX.
Monolithic privilege is simple, elegant and neither secure nor
trustable. Any single flaw in the privilege scheme may be exploited
to obtain complete privilege.
Given the choice between monolithic root privilege, or VMS-like
privileges, I'd much rather have the VMS approach.
--
John F. Haugh II +-Button of the Week Club:-------------
VoiceNet: (512) 832-8832 Data: -8835 | "AIX is a three letter word,
InterNet: jfh at rpp386.Cactus.Org | and it's BLUE."
UucpNet : <backbone>!bigtex!rpp386!jfh +--------------------------------------
More information about the Comp.unix.wizards
mailing list