C2, security & naive users
Phil Meyer
phil at inetg1.Arco.Com
Sat Mar 16 04:06:15 AEST 1991
In article <8180 at rsiatl.Dixie.Com>, meo at Dixie.Com (Miles ONeal) writes:
> John F Haugh II writes:
>
> |...Naive users do not
> |fully understand what the difference between a "rated" and an
> |"unrated" system are - there are very real differences and...
>
> Which naive users? One would expect that the defense community
> (at whom the C2, etc ratings are directed) would not be buying
> purely out of naive trust in a spec and a vendor. Perhaps they
> might even look into things themselves...
>
I'm certain that John refers to users like our Security people who are going
to demand C2 security on all of our systems. Not because we are DOD, because
we are not! They will demand C2 just beacuse it exists, and they feel it will
help prevent 'Security Problems' from happening.
To my knowlegde. our Security people are pretty good, but they don't have a
UNIX guru amongst them. So they must be naive.
The only thing I can say about C2 is: 'What a pain!' But even I must bow to
the logical benefits of improved security. I just don't agree with the
implementations.
--
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
| Phil Meyer phil at arco.com Work:(214) 754-6805 |
+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
More information about the Comp.unix.programmer
mailing list