Alan R. Hill (email@example.com)
Wed, 8 Apr 87 10:29:50 EDT
History indicates that "whistle blowing" is not generally appreciated
regardless of its well meaning intent. Unless DoD specifies requirements
for Unix use on the internet, I doubt that anything will change.
Although there are lots of security problems with Unix and its
network code, I thought I would relate my experience with this type of
problem. Many years ago I had responsibility for a Unix system that
was used by competing contractors and a government agency. My job was
to prevent importation of non-approved code that could compromise the
integrity of the system. I also had to keep the various groups from
digging into each others files. I modified the access code for the
network and the file system. It took me roughly 2 hours work and
I was able to restrict access by user and source location. I also logged
all access attempts good or bad. My point is that the effort to
dramatically improve control is not costly.
I suggest that this discussion is no longer useful to the
TCP-IP mailing list and can be continued off-line. I generally
approve of comments that will evoke an emotional response since they
will generate much more data than those that are more benign.
This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:38:07 GMT