Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site wdl1.UUCP Path: utzoo!watmath!clyde!cbosgd!ihnp4!zehntel!dual!amdcad!fortune!wdl1!jbn From: jbn@wdl1.UUCP Newsgroups: net.unix-wizards Subject: Re: Unix (In)Security Message-ID: <179@wdl1.UUCP> Date: Tue, 15-Jan-85 16:36:36 EST Article-I.D.: wdl1.179 Posted: Tue Jan 15 16:36:36 1985 Date-Received: Sun, 20-Jan-85 06:22:42 EST Sender: jrb@wdl1.UUCP Organization: Ford Aerospace, Western Development Laboratories Lines: 11 Nf-ID: #R:sask:-14100:wdl1:17100031:000:611 Nf-From: wdl1!jbn Dec 4 10:37:00 1984 Another comment on UNIX security: things are getting worse. V7 Unix was substantially tighter than later versions; the only shared objects were files, there weren't too many set-UID-to-root programs, and the semantics of file protection was well understood. Since then, a lot of new machinery has been added inside the security perimeter, which includes the kernel and all set-UID-to-root programs. UNIX at the 4.2BSD level now rivals the giant mainframe operating systems of the 1960s and 1970s, and is equally weak in the security direction. There are just too many primitives and no security model.