some points that need to be raised
> just look at Stallman's "no passwords, no wheel groups" nonsense.

Don't blame Unix for the fact that Stallman wanted to drag Unix security backwards. Stallman is Stallman. He is not Unix. In fact, he explicitly denies any Unix-ness.

> the moronic "root or peon, no gradations" system of Unix _sucked_ and needed to be fixed

On the other hand, a lot of what's provided by add-on tools can be done in a less centralized fashion using basic Unix privilege separation tools, such as user groups, the suid bit, and so on. The basic system is in fact capable of gradations, though perhaps not to the level of fine-grained control you would prefer. There's also the fact that the simple privilege separation system you deride so readily is, at least, actually effective within the confines of its capabilities, whereas Microsoft's attempts to retrofit for privilege separation have always been exceedingly porous and pointless. In a comparison between Unix and MS Windows architectures, the former most certainly is "designed for security", at least relatively speaking.

The fact that more advanced security architectures now exist in theory, and have been grafted onto Unix systems as add-on systems, does not mean there was not some security design in what came before those more advanced architectures. It just means that, perhaps, those previous designs have been superseded for some use cases. In fact, in some respects it could be argued that the very fact that it is so easy to graft such systems onto Unix platforms without resulting in an easily compromised kludge is, itself, a case of good security design, even if security per se was not the foremost reason for making the platform so extensible in the early days of its design. The fact of its easy extensibility also makes it likely that when the current crop of new security architectures becomes obsolete, they can be swapped out for whatever has arisen to replace them.

In the meantime, systems like MS Windows will be rewritten from the ground up to accommodate new architectures for security purposes, will have those new architectures layered on top as kludges that are highly porous and easily circumvented, or will simply not support such new architectures at all. With that in mind, I'd rather have Unix as the foundation on which my secure system is built.

Meanwhile, a microkernel system like MINIX 3 may eventually rise to a position of prominence and greatly enhance basic platform security. Even if it does so, it'd still essentially be Unix, because of the generally modular design of Unix as a Platonic ideal. The same cannot really be done with something like MS Windows, which would essentially require swapping in a completely new concept of an OS, ensuring that all that survives the transition is a brand

> With AppArmor and SELinux, a Linux system has a permissions and ACL system that is approximately equivalent in expressivity, albeit not user-friendliness, to the one available in NT since 3.51. The "Microsoft product" is NT, which was designed--yes, from the ground up!--to be a multi-user environment. Hell, NT is even POSIX-compliant (albeit with an external package today, because nobody bothered to use it). The thing is, though--I'm not so insecure in myself that I've got to attach to a _computer operating system_ as my personal and social identity. Maybe you should get that looked at.

You are obviously not a (competent) psychologist, because if you were you would know better than to try to diagnose people over the Internet.
Posted by apotheon
1st Nov 2010