Re: Web Site Hacks

[mcnabb () argus-systems com (Paul McNabb)]

>  From shimons () mail bll co il Wed Dec 10 05:54 CST 1997
>  
>  > Date:          Tue, 9 Dec 1997 10:25:23 -0600
>  > From:          mcnabb () argus-systems com (Paul McNabb)
>  
>  > BTW, B-level security isn't the only way to harden an OS, but it is one
>  > of the best ways; and it has the advantage of having thousands of manyears
>  > of thought put into its design, development, and deployment.
>  > 
>  
>  What other ways to harden an OS are you reffering to?

Well, there's Memco's SEOS.  It isn't B1 (or any TCSEC level), but it does
hardened the OS by putting a layer between all apps and the system calls.
Another way is with Argus's DECAF product, which has nothing to do with
TCSEC security but rather implements a capability model inside of the
Solaris kernel, allowing all processes (included those running as root)
to be controlled.

The "living" B-level OSes that I know of are:
        DEC on Digitial Unix
        Sequent on its own stuff
        HP on HP/UX
        Argus on Sun's Solaris
        Data General on it own stuff
        CMW+ on SCO
        Bull's Best-X on IBM AIX (a very primitive B1!)
        Harris on SVR4/Nighthawk (is this still alive?)

This is just off the top of my head, I may have left someone off.

paul

---------------------------------------------------------
Paul McNabb                     Argus Systems Group, Inc.
Vice President and CTO          1809 Woodfield Drive
mcnabb () argus-systems com        Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433                "Securing the Future"
---------------------------------------------------------