Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site wdl1.UUCP
Path: utzoo!watmath!clyde!cbosgd!ihnp4!zehntel!dual!amdcad!fortune!wdl1!jbn
From: jbn@wdl1.UUCP
Newsgroups: net.unix-wizards
Subject: Re: Unix (In)Security
Message-ID: <179@wdl1.UUCP>
Date: Tue, 15-Jan-85 16:36:36 EST
Article-I.D.: wdl1.179
Posted: Tue Jan 15 16:36:36 1985
Date-Received: Sun, 20-Jan-85 06:22:42 EST
Sender: jrb@wdl1.UUCP
Organization: Ford Aerospace, Western Development Laboratories
Lines: 11
Nf-ID: #R:sask:-14100:wdl1:17100031:000:611
Nf-From: wdl1!jbn    Dec  4 10:37:00 1984


     Another comment on UNIX security: things are getting worse.  V7 Unix
was substantially tighter than later versions; the only shared objects
were files, there weren't too many set-UID-to-root programs, and the
semantics of file protection was well understood.  Since then, a lot of
new machinery has been added inside the security perimeter, which includes
the kernel and all set-UID-to-root programs.  UNIX at the 4.2BSD level now
rivals the giant mainframe operating systems of the 1960s and 1970s, and
is equally weak in the security direction.  There are just too many
primitives and no security model.