Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site stat-l Path: utzoo!watmath!clyde!cbosgd!ihnp4!inuxc!pur-ee!CS-Mordred!Pucc-H:Pucc-I:Stat-L:rsk From: rsk@stat-l (Rich Kulawiec) Newsgroups: net.unix-wizards Subject: Re: Unix (In)Security - (nf) Message-ID: <219@stat-l> Date: Wed, 5-Dec-84 01:44:13 EST Article-I.D.: stat-l.219 Posted: Wed Dec 5 01:44:13 1984 Date-Received: Thu, 6-Dec-84 03:50:22 EST References: <141@sask.UUCP> <6200033@uokvax.UUCP> Organization: Purdue University Lines: 12 /***** uokvax:net.unix-wizar / sask!derek / 7:47 pm Nov 30, 1984 */ Are there any flaws which have no way to be plugged? /* ---------- */ I believe the original paper on Unix security by Thompson et. al. points out that the very existence of the superuser represents a flaw in Unix security. As a side note for those looking for references, Berkeley did some work on something called "data-secure Unix" a while back; I think I saw the writeup in the ACM journal on operating systems. -- Rich Kulawiec @ Purdue University Computing Center { decvax, ihnp4, uiucdcs } !pur-ee!rsk & { decwrl, hplabs, ucbvax } !purdue!rsk