Unix security additions
terryl at sail.LABS.TEK.COM
terryl at sail.LABS.TEK.COM
Thu Mar 14 04:41:39 AEST 1991
In article <1991Mar12.185154.2423 at decuac.dec.com> mjr at hussar.dco.dec.com (Marcus J. Ranum) writes:
>sef at kithrup.COM (Sean Eric Fagan) writes:
>>> mjr at hussar.dco.dec.com (Marcus J. Ranum) writes:
>
>>> Because most people in the Real World need to get work done,
>>
>>Not all unices do. It's possible to configure your machine to not trust
>>anyone;[...]
>>I heard, somewhere (InfoWorld?) that Apple was doing something with a secure
>>unix with secure networking. [...]
>
> When you get really into serious government security glop, you
>basically have to give up networking completely. In fact, network-based
>window systems (name one!) have to be modified, and notions of mandatory
>access control have to be addressed in the window manager. It's called
>the Compartmented Mode Workstation (CMW) and presently DEC, Sun, IBM,
>Apple and maybe others are working on products that will be CMW.
Actually, Marcus only touches the tip of the iceberg. About a year or so
ago, I was talking with a work acquaintance who knows a lot about guv`mint
contracts as they applied to computer purchases. Just the wording alone in the
contracts is a nightmare!!! Talk about DoubleSpeak(TM)...
But to specifically address what Marcus was talking about (window systems),
according to this acquaintance, there is a concept of "secure" windows, (and
natch, there is also a concept of "non-secure" windows..) And one of the things
one can NOT do is "cut" from a "secure" window, and then "paste" into a "non-
secure" window. Can't have that "sensitive" guv`mint data released to the
masses, I guess.....
__________________________________________________________
Terry Laskodi "There's a permanent crease
of in your right and wrong."
Tektronix Sly and the Family Stone, "Stand!"
__________________________________________________________
More information about the Comp.unix.internals
mailing list