Re: Trusted Unices Aren't?

[ark () eltex ru]

-----BEGIN PGP SIGNED MESSAGE-----

nuqneH,

Jeremy Epstein <jepstein () tis com> said :

> > Does that just mean that at least _some_ "hardened unix" vendors just
> > allow generic "suid root" programs running in this environment, thus
> completely trashing the whole MLS model?
>
> B1 and below do not require breaking up root.  B2 and above do.  It really
> has nothing to do with the MLS model.  I believe that CMW+ *does* break up
> root, but I'm not sure of that.  It may also be a configuration option.

"breaking up root" in kernel is useless if you keep running utilities
and daemons suid root..
 
> > Does that mean that you need, say, VMS, if you need _real_ multilevel
> > security?
>
> There are some trusted UNIX systems that are better than others.  If VMS
> underwent the same degree of scrutiny and attack that UNIX does, I'm sure
> we'd find an equivalent number of bugs.  It's a large complex system...

I doubt so. It _did_ undergo numerous attacks for a long time; the reason
is VMS was _designed_ as MLS system and it does not have legacy 
"gimme-all-privileges" applications. It is not completely bug-free, no
software is, but.. 

P.S. what happened to Trusted Xenix, is it officially dead now? 

                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNitPKKH/mIJW9LeBAQHz4QP/Q8o357iwzmPCO81z1ywLBgKZAEXbkv0Q
Ubu/6XDOC9aixhPA/Hrw9XrKJCVBJRHmSEB2WKtsKqovgV0BERFMeXO5J9nulcEO
Fk5fsPkG/m3yWGxeenF0jUmLj6iby8qo0O0yWujrk235QefcB8u6zdrueSuh4/aD
+DfdJTNNc7s=
=J2O8
-----END PGP SIGNATURE-----