Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!genrad!mit-eddi!smh
From: smh@mit-eddi.UUCP (Steven M. Haflich)
Newsgroups: net.unix-wizards
Subject: Re: Ideas on UNIX security
Message-ID: <314@mit-eddi.UUCP>
Date: Sat, 25-Jun-83 18:26:15 EDT
Article-I.D.: mit-eddi.314
Posted: Sat Jun 25 18:26:15 1983
Date-Received: Sun, 26-Jun-83 01:22:39 EDT
References: ihldt.1703
Lines: 12

It is probably necessary to have a daemon do a sum on all the
commands that root regularly executes.  This file could be summed
in turn, and the result checked *by hand* by the local gestapo-in-
charge-of-system-security.  Of course, an illegit superuser could
hack the summer daemon, but occasional checks by hand could detect
tampering.

One moral about security should be made clear to everyone:

	If you want to keep a text file secure, encrypt it.  Otherwise,
	any file you own is readable (at least) in a great many ways
	by a great many people.