>
> I think perhaps my point wasn't made clearly. The firewall can only be as
> good as the OS on which it exists. If your firewall is an application
> on top of an OS, I can break the firewall by breaking the OS.
>
i never heard of any break-in possible because of a kernel bug.
maybe i'm wrong, maybe it's possible, but i cannot imagine.
>
> Well, "impossible" is a very big word to use! Especially, since this is
> exactly what we have. If your assumption is that the firewall is an
> application, then I do agree with you. That is why the functions of a
> firewall need to be a base component of a high assurance OS (so you know
> that they work). Then you run the WWW server on that OS, and you (apparently)
> have the impossible. :-)
>
i don't trust *no* WWW server on *no* OS.
>
> It does matter. And so does limiting the effects of human failure, which will
> always be present. When you make a human SUPER user, you have amplified
> that user's mistakes. So here is one path to travel to limit human mistakes.
> But this is not the place for a tutorial on how to deal with the REAL risks
> of a computing environment. Suffice it to say that if you don't deal with
> them, your firewall won't work, your home page will be violated, and
> termites will eat your mouse pad.
>
> That is why I reassert that if your base OS (including the admin environment)
> is not high assurance and does not deal with the real threats, your
> firewall is not very good.
>
i fear this will go to an endless discussion...
IMHO, it's senseless to discuss which OS is secure and which not.
how will you prove it?
my company is a software house, and we are using a lot of different UNIXes.
a few years ago, we got a new OS which was announced to be a C2 system.
/etc/passwd was owned by 'bin'! every host which appeared in /etc/hosts.equiv
could modify it. i had a really great ROTFL and stopped even thinking about
security classifications.
i know about my configuration, i know how far i can trust it and where the
(possible) vulnerabilities are. that's the most important.
maybe a "high security UNIX" is useful on a multiuser system. on a firewall,
where root should be the only user, it doesn't hurt, that's all.
rolf
--
-----------------------------------------
Rolf Weber <weber @ iez . com> | All I ask is a chance
IEZ AG D-64625 Bensheim | to prove that money
++49-6251-1309-113 | can't make me happy.
Follow-Ups:
- Re: Most Secure Unix? From: Stephen Schaefer - Network Computing Solutions <stephen . schaefer @ imonics . com>