Path: utzoo!attcan!uunet!husc6!tut.cis.ohio-state.edu!allosaur.cis.ohio-state.edu!bob From: bob@allosaur.cis.ohio-state.edu (Bob Sutterfield) Newsgroups: comp.sys.next Subject: Re: diskless NeXT? (was Re: Announcement vs reality) Summary: Security isn't solved yet Keywords: Next Message-ID: <28506@tut.cis.ohio-state.edu> Date: 28 Nov 88 17:54:15 GMT References: <17846@glacier.STANFORD.EDU> <3638@pt.cs.cmu.edu> <28185@tut.cis.ohio-state.edu> <267@aber-cs.UUCP> <269@aber-cs.UUCP> <28493@tut.cis.ohio-state.edu> Sender: news@tut.cis.ohio-state.edu Organization: The Ohio State University Dept of Computer & Information Science Lines: 45 In article <267@aber-cs.UUCP> pcg@cs.aber.ac.uk (Piercarlo Grandi) writes: >In article <28185@tut.cis.ohio-state.edu> bob@allosaur.cis.ohio-state.edu (Bob Sutterfield) writes: >>Hopefully there will be a way to ignore suid and sgid bits on >>filesystems mounted from the optical disk, at the very least. There >>are lots of other things to worry about. Note those last two phrases. That one detail is only part of a plan that can be implemented using capabilities that are available to us right now. See below... >...security in a networked environment is obtained by suitable >protocol emanating from trusted bases, not by network based physical >restrictions..., Agreed. >...and people have expended vast research efforts on these issues. And they're approaching some potential strategies toward a workable solution. >Projects Andrew and Athena have done a lot of good work on network >security where there are thousands of non trusted machines around, >and there are no restrictions on their use. Go and learn about them. We've looked into the work done at CMU and MIT. The stuff that Athena has produced looks promising, and we expect to adopt some of it. However, (1) As Steve pointed out, it doesn't solve all the problems yet. (2) It's not all generally available yet. (3) Not everything is hooked into it yet (e.g. X, NeWS, NeXT Step). (4) The most interesting and useful parts require source modifications to the software supplied by the various vendors. We have had immense problems getting sources for everything in our stable, and so far only HP and Encore have come through with even part of their stuff. Nothing yet from Sun or Pyramid or BBN, though at least our Sun source tapes are "in the mail". NeXT sources may be awfully hard to come by. Faced with the lack of ability to make the vendors' software more useful in our own environment (because they won't let us), we are forced to resort for now to more distasteful, "heavy handed" strategies. I'm looking forward to GNU. Even if RMS doesn't like security measures, we'll have full sources so we will be able to add whatever we want to.