[lug] KDE
Peter Hutnick
phutnick at peakpeak.com
Tue Jan 8 10:04:42 MST 2002
> The classic *NIX/Linix security model does show it's age. File access
> limitation and a rather coarse ulimit are ok in a "friendly" environment
> but probably not enough for some higher security demands. There's a reason
> for advanced security features in some *NIX OSs (AIX uses ACLs for example)
> and for the security patches by the NSA. or have a look at some of BSD's
> security features for example. The fact that even root isn't allowed to
> do everything is a big help in certain situations -- most of the recent
> expoits would just not work.
I wonder if Linux guys hang around on BSD lists pulling this sort of
stuff. "I can't get my super-foo NIC working with FreeBSD" "Well,
there's a Linux driver for it :-P"
I hope not.
Anyway, ACL patches for Linux can be had at http://acl.bestbits.at/ and
http://trustees.sourceforge.net/
> BTW, not _everything_ comming from MS is bad, and not every feature NT
> has is snarfed from *NIX :-)
Who said bad? A lot of it is good, but almost none of the good stuff in
bona fide "innovation."
> One of NT's prominent ancessors is VMS/VAX,
> an OS that had some pretty nice security features too ....
I never said that everyting good that they do is from UNIX, but you have
provided example of good stuff being snarfed from somewhere.
I don't even have a problem with that /except/ that 1. they snarf and
break (a.k.a. embrace and extend) and 2. they have built an empire on
these snarfed features, then lament that "we just want to innovate" any
time the smallest effort is made to hold them accountable.
This is rational MS hating, not knee-jerk MS hating ;-)
-Peter
More information about the LUG
mailing list