Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!watmath!clyde!bonnie!akgua!mcnc!ecsvax!bet From: bet@ecsvax.UUCP Newsgroups: net.unix-wizards,net.rumor Subject: Re: Unix (In)Security Message-ID: <3558@ecsvax.UUCP> Date: Fri, 7-Dec-84 21:02:21 EST Article-I.D.: ecsvax.3558 Posted: Fri Dec 7 21:02:21 1984 Date-Received: Sun, 9-Dec-84 06:25:21 EST References: brl-tgr.6445 sask.141 milo.778 Lines: 15 Xref: watmath net.unix-wizards:10867 net.rumor:581 Wait, wait, wait, formally 'prove" VM secure? Gaaak. Not physically possible -- it runs on an IBM S-370, and emulates complete S-370's for each user -- including permitting users to run code in supervisor state, which lets them run channel control programs, which can do mindbogglingly complex things... VM, last I heard, attempts to look at a channel control program to figure out what it might do before it runs it, though I heard there were bugs in the attempt to sniff them out when the channel control programs were self-modifying. I saw an article about a year and a half or two years ago, which concluded basically that VM is pretty secure these days since anybody bright enough to decrypt the IBM documentation will be having more fun and making more money playing with UNIX -- security through obfuscation. Bennett Todd ...{decvax,ihnp4,akgua}!mcnc!ecsvax!bet