Firewall Wizards mailing list archives

Re: Trusted Unices Aren't?

From: ark () eltex ru
Date: Fri, 30 Oct 1998 14:58:17 +0300

-----BEGIN PGP SIGNED MESSAGE-----

nuqneH,

Hmm, that's just my opinion but VMS seems to be a system that requires
*MUCH* less changes to become MLS than any general purpose Unix..

Jeremy Epstein <jepstein () tis com> said :

I've never heard that VMS was designed as MLS, and given the pain they

went

through to get it evaluated, I doubt it was.  Having said that, it
certainly has fewer "gimme-all-privileges" applications (as you correctly
note), for two reasons: it was correctly designed to have granularity of
privileges and there are fewer applications altogether :-)


Actually, there is a B1 VMS system:

http://www.digital.com/security/sevms.htm


Followed by a short description of the features of SE/VMS.

I certainly agree that there *is* a B1 VMS and that it's real B1 (i.e.,
it's been evaluated, and not just marketing hype).  What I said was that
VMS probably wasn't *designed* to be MLS.  Just as there are several
evaluated B1 (and even B2) UNIX systems doesn't mean that UNIX was
*designed* to be MLS.

--Jeremy
---------------------------------+-------------------------------------
| Jeremy Epstein                 |  E-mail: jepstein () tis com          |
| TIS Labs at Network Associates |  Voice:  +1 (703) 356-4938         |
| Northern Virginia Office       |  Fax:    +1 (703) 821-8426         |
---------------------------------+-------------------------------------


                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNjmp1qH/mIJW9LeBAQGVwgP+IT7ifVPwNBSqyV2a5PD/q+LWT0Sv1nP7
vT1nTxmL9MP8Wmuq90O7x7AmI1BFOf19vYO90UZ4/4RTJpUBdmfE86H5pWGBZ04w
SzWnWUC/9dWPOyIh+Dgjf4Bp1dxWtZJVokmV10M6D9sFKRZ42BO+JAtwJKw1ewf8
4Iys1hM5xLk=
=YkaS
-----END PGP SIGNATURE-----

Current thread:

Re: Trusted Unices Aren't? Paul D. Robertson (Nov 02)
- Re: Trusted Unices Aren't? Gordon Greene (Nov 02)
- <Possible follow-ups>
- Re: Trusted Unices Aren't? jcp01 (Nov 02)
  - Re: Trusted Unices Aren't? Paul D. Robertson (Nov 02)
- Re: Trusted Unices Aren't? ark (Nov 02)
  - Re: Trusted Unices Aren't? Gordon Greene (Nov 02)
- Re: Trusted Unices Aren't? ark (Nov 02)
- Re: Trusted Unices Aren't? David Collier-Brown (Nov 02)
  - Re: Trusted Unices Aren't? Gordon Greene (Nov 02)
    - Re: Trusted Unices Aren't? David Collier-Brown (Nov 02)
    - Re: Trusted Unices Aren't? Gordon Greene (Nov 02)
- Re: Trusted Unices Aren't? David Collier-Brown (Nov 02)
  - Re: Trusted Unices Aren't? Paul D. Robertson (Nov 02)
    - Sidebar on a historical security model David Collier-Brown (Nov 02)
- Re: Trusted Unices Aren't? ark (Nov 02)
  - Re: Trusted Unices Aren't? Gordon Greene (Nov 02)
- Re: Trusted Unices Aren't? Gordon Greene (Nov 02)

(Thread continues...)