Path: utzoo!utgpu!attcan!uunet!steinmetz!davidsen
From: davidsen@steinmetz.ge.com (William E. Davidsen Jr)
Newsgroups: comp.unix.xenix
Subject: Re: Security
Keywords: Security
Message-ID: <11899@steinmetz.ge.com>
Date: 18 Aug 88 18:14:47 GMT
References: <4@raider.UUCP>
Reply-To: davidsen@crdos1.UUCP (bill davidsen)
Organization: General Electric CRD, Schenectady, NY
Lines: 30


  What you need for security falls into a number of areas. uucp security
was addressed in my posting of a few days ago (I absolutely can't mail
any more copies), so here are a few more ideas.

  For shell you could run Korn shell (ksh). By setting the PATH variable
and then making it readonly, and using the restricted shell, you can
control what can be executed.

  For an editor, I use microemacs in restricted mode. This allows me to
set which commands I allow, and to tailor the key maps any way I want.

  Finally you can use chroot to place the user in a virtual machine.
There are some problems with this as far as having multiple copies of
software, or having news in its own partition, etc. I run guest users in
a restricted shell, but at one time I had a complete environment
accessible to any caller. I won't claim it was bulletproof, but in a
year no one broke out.

  You have to find a balance between having great security and the time
it takes to administer a secure system. Someone has to check fancy logs
if you add them, to keep copies of software in sync, to add and delete
things in the secure environment, etc.

  I don't have all the answers, but if you find some way to have a
secure system which isn't more trouble to support, do let me know.
-- 
	bill davidsen		(wedu@ge-crd.arpa)
  {uunet | philabs | seismo}!steinmetz!crdos1!davidsen
"Stupidity, like virtue, is its own reward" -me
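
The readonly-PATH restricted shell setup described in the post, as an added example that is not part of the original message: it builds an allow-list directory and checks that the restrictions hold. It assumes bash is installed and uses its restricted mode (`bash -r`) in place of ksh; the function names, scratch directories and command list are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes bash is installed; its
# restricted mode (bash -r) stands in for ksh's. Directory names and the
# allow-list of commands are hypothetical.
RSH=$(command -v bash)

# make_guest_bin DIR CMD...: fill DIR/bin with one symlink per allowed command.
make_guest_bin() {
    gdir=$1; shift
    mkdir -p "$gdir/bin" || return 1
    for c in "$@"; do
        t=$(command -v "$c") || return 1
        case $t in /*) ;; *) return 1 ;; esac   # need a real file, not a builtin
        ln -sf "$t" "$gdir/bin/$c" || return 1
    done
}

# guest_try DIR 'commands': run the commands as a guest would, in a restricted
# shell with an empty environment and PATH pinned to DIR/bin and made readonly.
guest_try() {
    env -i PATH="$1/bin" "$RSH" -r -c "readonly PATH; $2" >/dev/null 2>&1
}

# audit_guest DIR: try each thing the setup is meant to stop and print the ones
# that went through. The return status is the number that were not blocked.
audit_guest() {
    fails=0
    for probe in 'PATH=/bin:/usr/bin' 'cd /' "$RSH -c true" \
                 "echo x > $1/out" 'sh -c true'; do
        if guest_try "$1" "$probe"; then
            echo "NOT BLOCKED: $probe"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}

# Demo on a scratch directory (constructed input).
demo=$(mktemp -d)
make_guest_bin "$demo" ls date
guest_try "$demo" 'ls' && echo "allowed command runs"
audit_guest "$demo" && echo "restrictions held"
rm -rf "$demo"
```

Putting a shell on the allow-list (for example `make_guest_bin "$dir" ls sh`) makes `audit_guest` report `sh -c true` as not blocked, because a program reached through PATH runs without the restricted shell's limits.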