[oclug]Linux too hard?

[Greg Franks]

>>>>> "Shad" == Shad Young <shad.young at sympatico.ca> writes:
    Shad> Actually, Phil, Linux/GNU is based on UNIX and Unix wasn't
    Shad> really designed with security in mind. (do a search for UNIX
    Shad> security and history to see what I'm talking about) UNIX's
    Shad> of any flavor had a hell of a lot of work to do to get
    Shad> secure. Please recall the original Internet worm was
    Shad> prolific because security was so lax. Linux has the benefit
    Shad> of being developed post Internet, when these issues were
    Shad> becoming more serious.

Au contraire.  Unix was designed from day one with security in mind as
it was designed to be multi-user from day one.  One didn't want to
have somebody elses errant programs wiping out ones work.  Contrast
this with windoze, which sort of added multi-tasking on top of a
program loader (Win 3.1).  M$ is still trying to fix that one.  

Further, using `C' as a programming language probably didn't help
either, as one has to to be very careful to avoid the dreaded buffer
overrun.  Regrettably, the number of really good C programmers isn't
that high.  And, at the time that Unix was developed, things like
Insight/Valgrind/Purify didn't exist.  The C library certainly didn't
help here either (man getstr(), scanf(), etc...).  Note that the
Morris worm was a classic stack overrun.

Now, I will admit that Unix never had the security goals of something
like Multics or GCOS or MVS.  But then again, Unix could run on a
PDP-11 (16 bit address space, 128 K Bytes of total memory if you
splurged on split I and D).  Networking everthing under the sun hasn't
helped either.  If you really want to be secure, don't connect your
computer to the outside world.
-- 
   __@               Greg Franks              <|       _~@ __O 
 _`\<,_         Ottawa, Ontario, Canada        |O\   -^\<;^\<, 
(*)/ (*)                                       (*)--(*)%---/(*)
          "Where do you want to go today?"   Outside.