Super-User IDs - Yuch!
Date: 8 Aug 94 12:45:50 EST
To: firewalls @
GreatCircle .
COM
DEADMAIL: Forwarded to firewalls @
GreatCircle .
COM/cgsmtp
>mjr writes:
> *MOST* operating systems have a superuser ID or privilege,
> except for ones like DOS that don't have it at all. *MOST* operating
> systems that have privileges have a setuid-like construct to permit
> trusted applications to cross boundaries.
Oh contrar mister mjr.
One of the nicer features of the Multi-user Multi-tasking CTOS is that no
root access is neccessary for any system service to function. Therefore no
one can break into a system service and have access to the root (Volume
Password) and thus access to everything. _I know, I know_ you'll say
intruders can then run any service. nooooo Every service's executable file,
in CTOS, is protected in a read-only access directory. Someone wishing to
change the run routines or aquire any protected "authorized" access would
have to know the volume password and that can be up to 12 characters and
encrypted, and no system service is executable during or after boot without
the proper access either.
So, it is easier to protect CTOS than Unix _in_that_one_respect_.
I just wanted to set the record straight.
Please - No flaming.
___________________________________________________________________________
Rodger Rossman |
Unisys Network Administrator | R.ROSSMAN/ARSC @
cgsmtp .
comdt .
uscg .
mil
USCG/Aircraft Repair & Supply Center | voice phone (919) 335-6319
Bldg 63, Weeksville Road |
Elizabeth City, NC 27909 USA | CTOS E-Mail R.Rossman/ARSC
:I speak for no other person or company other than myself:
___________________________________________________________________________
|
|
