Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Trusted Unices Aren't?

From: Jeremy Epstein <jepstein () tis com>
Date: Thu, 29 Oct 1998 02:05:34 -0500
At 10:37 PM 10/28/98 -0600, Gordon Greene <Gordon.Greene () netsec net> wrote:

Jeremy Epstein <jepstein () tis com> said :

I've never heard that VMS was designed as MLS, and given the pain they

went

through to get it evaluated, I doubt it was.  Having said that, it
certainly has fewer "gimme-all-privileges" applications (as you correctly
note), for two reasons: it was correctly designed to have granularity of
privileges and there are fewer applications altogether :-)


Actually, there is a B1 VMS system:

http://www.digital.com/security/sevms.htm


Followed by a short description of the features of SE/VMS.

I certainly agree that there *is* a B1 VMS and that it's real B1 (i.e.,
it's been evaluated, and not just marketing hype).  What I said was that
VMS probably wasn't *designed* to be MLS.  Just as there are several
evaluated B1 (and even B2) UNIX systems doesn't mean that UNIX was
*designed* to be MLS.

--Jeremy
---------------------------------+-------------------------------------
| Jeremy Epstein                 |  E-mail: jepstein () tis com          |
| TIS Labs at Network Associates |  Voice:  +1 (703) 356-4938         |
| Northern Virginia Office       |  Fax:    +1 (703) 821-8426         |
---------------------------------+-------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: