Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!sundc!hqda-ai!merlin From: merlin@hqda-ai.UUCP (David S. Hayes) Newsgroups: comp.unix.questions Subject: Re: YA Question about "Secure Unix" Message-ID: <167@hqda-ai.UUCP> Date: Wed, 17-Dec-86 13:35:03 EST Article-I.D.: hqda-ai.167 Posted: Wed Dec 17 13:35:03 1986 Date-Received: Thu, 18-Dec-86 03:43:48 EST References: <1485@brl-adm.ARPA> <1417@ttrdc.UUCP> Organization: Army AI Center, Pentagon Lines: 25 Summary: No, better (or worse) In article <1417@ttrdc.UUCP>, levy@ttrdc.UUCP (Daniel R. Levy) writes: > Does this Gould "Secure Unix" enforce a reasonably small upper limit > << max process size on lengths of pathnames passed to system calls? I had some of this explained to me by a Gould salesman at last year's Federal Computer Conference, so it may not be right, but: I assume you'd like to do strange things to some files that you aren't supposed to touch. Perhaps go searching for directories by trying a whole lot of possible file names? (Can you say SLOW? I knew you could :-) The gould maintains two separate worlds: one trusted, one not. The trusted world looks like unix has always looked, with /etc/passwd and all that. The untrusted world is the same file system (no chroot(2)), but many of the system files do not appear there. It's just not possible (supposedly) to namei them unless you're already in the trusted world. Note that, since there's no chroot being done here, ALL files will appear to a trusted user, and appear in their proper places. -- David S. Hayes, The Merlin of Avalon PhoneNet: (202) 694-6900 ARPA: merlin%hqda-ai@brl-smoke UUCP: ...!seismo!sundc!hqda-ai!merlin