Date: Thu, 1 Nov 2001 21:25:36 +1100 From: "Rob B" <rbyrnes@ozemail.com.au> To: "FreeBSD Questions" <freebsd-questions@freebsd.org> Subject: Re: Tiny starter configuration for FreeBSD Message-ID: <006e01c162bf$8c5d87e0$0b64a8c0@becca> References: <005a01c161ed$a19933c0$1401a8c0@tedm.placo.com> <5.1.0.14.2.20011101165340.02192a40@pop.ozemail.com.au> <005301c162bd$59ac2740$0a00000a@atkielski.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----- Original Message ----- From: "Anthony Atkielski" <anthony@atkielski.com> To: "FreeBSD Questions" <freebsd-questions@freebsd.org> Sent: Thursday, November 01, 2001 9:09 PM > Rob writes: > > > Please explain _this_ one? > >The security problems with UNIX > are legion, And the Windows ones are not? >but the two that generally spring to mind instantly are the > all-or-nothing privilege structure of the system (you're either root, and master > of the world, or someone else, and master of nothing), Only partly true. Root is all powerful, but so is any member of the WinNT/2k Administrator group. > and the absence of any > real granularity in access controls (you can control owner, group, and world > permissions, and nothing else). How much more granular do you want? > This sort of lightweight security was fairly common forty years ago when UNIX > was developed, but today it is considered massively insecure. By whom? What is it's replacement? I can set different authentication measures for different applications by using PAM, and I can use Kerberos (which has been on *nix for far longer than on Micros~1 products) to determine permissions > And the big > brother of UNIX had exactly the opposite type of security, i.e., some of the > best that any operating system has ever had. At the time, however, good > security ate up lots of expensive machine resources, and the thought of > strangers banging against a system from computers around the world virtually > never entered anyone's mind. If you are referring to MVS (IIRC this was brought up earlier in this thread), attacks were seen as coming from serial consoles or by rogue programs placed onto the system. None of any of this thread has regarded remote security, only "local" Rob To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?006e01c162bf$8c5d87e0$0b64a8c0>