Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!ginosko!uunet!ficc!peter
From: peter@ficc.uu.net (Peter da Silva)
Newsgroups: comp.misc
Subject: Viruses, DOS versus UNIX (Re: Low Productivity of Knowledge Workers)
Message-ID: <6383@ficc.uu.net>
Date: 2 Oct 89 14:34:16 GMT
References: <9676@venera.isi.edu> <189@crucible.UUCP> <291@voa3.UUCP> <1989Oct2.113810.24146@twwells.com>
Organization: Xenix Support, FICC
Lines: 20

I made the claim that there have been no security holes reported for
System V.

> What about the one that lets any user trivially truncate the password
> file? And lets the real clever get root access?

OK, one. And this one is trivially avoided by moving /tmp off the
root partition. Which is pretty important to security anyway. For DOS,
there is NO way to keep a user program from writing anywhere in memory,
on the disk, and so on. Like I said, you can't *stop* a dedicated, smart,
and patient attacker. You can slow them down, and you can stop the casual,
stupid, or hasty ones.

As delivered, even Berkeley UNIX is more secure than the best secured
DOS system.
-- 
Peter da Silva, *NIX support guy @ Ferranti International Controls Corporation.
Biz: peter@ficc.uu.net, +1 713 274 5180. Fun: peter@sugar.hackercorp.com. `-_-'
"That is not the Usenet tradition, but it's a solidly-entrenched            U
 delusion now." -- brian@ucsd.Edu (Brian Kantor)