Subject: Re: simh and NetBSD
To: Johnny Billquist <bqt@update.uu.se>
From: Lord Isildur <mrfusion@uranium.vaxpower.org>
List: port-vax
Date: 06/11/2003 16:02:46
i disagree with the contention that the model in unix is lame. To the
contrary, it is the minimum mechnism necessary to implement any other
model on top of it. You want multiple levels of privilege? the unix model
does allow something else to be built on top of it. You want no security
at all? just run everything as root. You want groups, acls, rings, and so
on? all can be implemented on top of the unix model.
Now, to say that it _can_ and to say that either it has ever been done,
or that it has ever been done _well_, that is a different story *grin*
isildur
On Wed, 11 Jun 2003, Johnny Billquist wrote:
> On Tue, 10 Jun 2003, Brian Hechinger wrote:
>
> > On Mon, Jun 09, 2003 at 11:29:38PM -0400, John Klos wrote:
> > >
> > > I seriously doubt that ANY email client will ever duplicate the
> > > functionality of Outlook. Its ability to run foreign code is unparalleled.
> > > Even if someone can duplicate that, building a security system into Unix
> > > to allow the email client to have unfettered access to all of the system's
> > > resources is a daunting task in itself, and could take years to duplicate.
> >
> > this has .sig written all over it. ;)
>
> It's a wonderful quote.
>
> Unfortunately the security model of Unix is one of its weakest points. The
> fact that windows have "improved" on it is no small achievement. But we'd
> better not start boasting about the idea that root can do everything, and
> you have to be root to do anything beyond normal usage (the windows
> improvement was the removement of the "beyond normal usage" :-)
>
> And yes, I know that *some* improvement has come about in Unix, by the use
> of groups, which *sometime* can solve the problem without having to fall
> back to root, but really, it's still a lame security model.
>
> Johnny
>
> Johnny Billquist || "I'm on a bus
> || on a psychedelic trip
> email: bqt@update.uu.se || Reading murder books
> pdp is alive! || tryin' to stay hip" - B. Idol
>
>