Unix & X-Windows on 386SX

Tim Wright tim at delluk.uucp
Mon Dec 3 21:00:13 AEST 1990


In <1990Nov30.025126.12879 at fiver> palowoda at fiver (Bob Palowoda) writes:

>From article <2318 at tabbs.UUCP>, by aris at tabbs.UUCP (Aris Stathakis):
>> In <156 at raysnec.UUCP> shwake at raysnec.UUCP (Ray Shwake) writes:
>> 
>>>palowoda at fiver (Bob Palowoda) writes:
>> 
>>>> Anyways it is a sad day when
>>>>buyers are willing to pay more to take a feature out of product. C2 is
>>>>not part of UNIX. It's part of the goverment. I like ISC idea you buy
>>>>it in a different package. What's wrong with that. 
>> 
>> What's wrong with that is that it isn't C2.  The C2 standard states that
>> it must be included in the product, and you cannot have the same product
>> without the C2 security - or else it does not constitute C2.

>  What is the rationale behind this?

Not sure. The C2 security for SCO 3.2 was not part of the product anyway. It
was glued on and the glue shows in places. It does certain things which are
not necessary for C2 (luids) and as far as I can see misses out slightly
on others (aren't you supposed to have ACLs - the group stuff doesn't really
cut it even if you had BSD/POSIX-style multiple-group membership). With
reference to Security for V.4, no you do not have to have any security level
to call your V.4 system UNIX. The AT&T code supplied is not C2 or B2 etc.
rated. I believe AT&T are producing a version and I think it's called System
V/MLS - somebody will probably know better :-)
As has been pointed out, MOST people running unix do NOT want any higher
level security than is already provided. It only gets in the way. I get the
distinct feeling that if you want "high" levels of security, you shouldn't
be running unix in the first place. Any comments ?

Tim
--
Tim Wright, Dell Computer Corp. (UK) | Email address
Bracknell, Berkshire, RG12 1RW       | Domain: tim at dell.co.uk
Tel: +44-344-860456                  | Uucp: ...!ukc!delluk!tim
"What's the problem? You've got an IQ of six thousand, haven't you?"



More information about the Comp.unix.sysv386 mailing list