Path: utzoo!utgpu!watmath!att!ucbvax!CAEN.ENGIN.UMICH.EDU!frank From: frank@CAEN.ENGIN.UMICH.EDU (Randy Frank) Newsgroups: comp.sys.apollo Subject: Re: security bug Message-ID: <44edb1250.001b7ec@caen.engin.umich.edu> Date: 9 Aug 89 16:32:20 GMT References: <109@tugiaik.UUCP> Sender: daemon@ucbvax.BERKELEY.EDU Organization: The Internet Lines: 19 I have mixed feeling about the publishing of security holes; it certainly can make life difficult for those with vulnerable systems until patches are found. However, it also causes patches to be found a lot faster! In the case of Apollo we have regularly complained that way too much Apollo security is "security through obscurity" as opposed to enforced security in the kernel. (The fact that the patches proposed are being made to libraries instead of the kernel leads me to believe that the underlying hole is still there, just made more difficult, i.e., obscure, to exploit.) The fact that Apollo often relies on unpublished interfaces as a way of providing "security" is simply not acceptable. While the standard Unix kernel is by no means fully secure, at least there are no known cases where something is considered secure simply because a hole is unpublished. Apollo needs to provide security that's at least as good as "standard" Unix, which means at a minimum means not viewing unpublished interfaces as secure. Randy Frank