Firewalls: Re: Most Secure Unix?

Firewalls
(February 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Most Secure Unix?
From:	Stephen Schaefer - Network Computing Solutions <stephen . schaefer @ imonics . com>
Date:	Thu, 8 Feb 1996 12:51:27 -0500
To:	firewalls @ GreatCircle . COM
In-reply-to:	<9602081105 . AA12965 @ spibm02> (message from Rolf Weber on Thu, 8 Feb 1996 12:05:46 +0100 (MEZ))

>>[Jon Spencer]
>> I think perhaps my point wasn't made clearly.  The firewall can only be as
>> good as the OS on which it exists.  If your firewall is an application
>> on top of an OS, I can break the firewall by breaking the OS.
>> 
>[Rolf Weber]
>i never heard of any breakin possible because of a kernel bug.
>may be i'm wrong, may be it's possible, but i cannot imagine.

The context here seems to be ``break in using only the net'', and thus
the following example may be deemed disallowable, but the last statement
immediately brings to my mind the symbolic-link-to-suid-shell-script bug.

	- Stephen

References:

Re: Most Secure Unix?
From: Rolf Weber <weber @ iez . com>

Indexed By Date	Previous:	RE: ipx routing From: Craig McLellan <mclelcl @ onto . network . com>
Indexed By Date	Next:	Re: Mandatory protection (was: product selection) From: Rick Smith <smith @ sctc . com>
Indexed By Thread	Previous:	Re: Most Secure Unix? From: Rolf Weber <weber @ iez . com>
Indexed By Thread	Next:	Re: Most Secure Unix? From: D . Thomas @ vthrc . uq . edu . au (Danny Thomas)