On Mon, 7 Jul 1997, Alex Romosan wrote:
> >> I don't know about other Unices but at least IRIX has it's /bin/true and > >> /bin/false set to shell scripts as well. It seems that Debian's no worse > >> off than SGIs and other Linux distributions at least. > > > >If there exists at least ONE really insecure Unix, it is called IRIX. There's > >nothing in the line of IRIX so don't be surprised. > > > > /bin/true and /bin/false are also shell scripts on solaris. they are > not on digital unix and aix. it looks like it is a system v thing. so > there. as for irix being insecure, it is a function of the system > administrator (sgi is pretty good at releasing patches). Sorry but I _don't_ think it's appropriate to ask the system administrator to remove 10^6 suid programs on IRIX, all inetd services and non-inetd services just to get _some_ sense of security. IRIX is _not_ secure - it's a fact. Security was never in the design specs for IRIX - useability was probably requirement #1. Why would they create a dozen suid admin-tools if it wasn't for useability alone - it's just plain wrong from a security standpoint. The SGI policy is that you shoulnd't have put an SGI box on the net in the first place if you don't have a firewall to guard it. Strangely - the oses I have _some_ confidence in wrt security are AIX and Digital UNIX. astor -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
