RE: Mounting a "Secure" filesystem in UNIX
| From: Sameer <netmail!sameer@uclink.berkeley.edu>
|
| I was wondering if it was possible to mount a "secure"
| filesystem/partition using Linux or some other free version of UNIX,
| so that it's inaccessible if logged in remotely, but accessible when
| logged in locally.

I know you want to do this with UNIX, but Windows NT allows you to do this quite nicely. One of the "groups" of users is INTERACTIVE, another is NETWORK. You can specifically prohibit network users from accessing a file by adding "NETWORK - No Access" to the permissions list in File Manager. I do this with secring.pgp and secring.bak, on top of the restriction which allows only me to access the file. So even if someone guesses my password, they can't snoop on my private key except by physically being at my machine.

== DaveHart@microsoft.com == Opinions are mine, not Microsoft's. ==
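Added example, not part of the original message: the "NETWORK - No Access" restriction described above, expressed as a PowerShell script for a current Windows host rather than NT's File Manager. The `$KeyFile` path is a hypothetical placeholder, and the script assumes it is run by the file's owner on an NTFS volume.

```powershell
# Added example (not from the thread). $KeyFile is a hypothetical path;
# point it at your own secret key ring. Run as the owner of the file.
param(
    [string]$KeyFile = "$env:USERPROFILE\pgp\secring.pgp"
)
$ErrorActionPreference = 'Stop'

# NETWORK is the well-known SID S-1-5-2, present in any token created by a
# network logon (for example access through a file share).
$network = New-Object System.Security.Principal.SecurityIdentifier(
    [System.Security.Principal.WellKnownSidType]::NetworkSid, $null)
$me = [System.Security.Principal.WindowsIdentity]::GetCurrent().User

$acl = Get-Acl -LiteralPath $KeyFile

# Stop inheriting from the parent directory without copying its entries,
# then remove the explicit entries so the ACL is exactly what is set below.
$acl.SetAccessRuleProtection($true, $false)
$explicit = $acl.GetAccessRules($true, $false,
    [System.Security.Principal.SecurityIdentifier])
foreach ($rule in $explicit) { $acl.RemoveAccessRuleSpecific($rule) }

# "Only me" plus "NETWORK - No Access". A deny entry is evaluated before
# the allow entry, so a network logon as this same account is refused.
$allowMe = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $me, 'FullControl', 'Allow')
$denyNet = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $network, 'FullControl', 'Deny')
$acl.AddAccessRule($allowMe)
$acl.AddAccessRule($denyNet)
Set-Acl -LiteralPath $KeyFile -AclObject $acl

# Read the ACL back and fail loudly if the deny entry did not persist.
$after = (Get-Acl -LiteralPath $KeyFile).Access
$found = $after | Where-Object {
    $_.AccessControlType -eq 'Deny' -and
    $_.IdentityReference.Translate(
        [System.Security.Principal.SecurityIdentifier]) -eq $network
}
if (-not $found) { throw "NETWORK deny entry missing on $KeyFile" }
$after | Format-Table IdentityReference, AccessControlType,
    FileSystemRights, IsInherited
```

The deny entry applies to network logons only; a remote desktop session is an interactive logon and does not carry the NETWORK SID, so it is not blocked by this ACL.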
Dave Hart says:
> | From: Sameer <netmail!sameer@uclink.berkeley.edu>
> |
> | I was wondering if it was possible to mount a "secure"
> | filesystem/partition using Linux or some other free version of UNIX,
> | so that it's inaccessible if logged in remotely, but accessible when
> | logged in locally.
>
> I know you want to do this with UNIX, but Windows NT allows you to do this quite nicely.

The security properties of Windows/NT are currently unknown since it has seen little real torture testing. I know that people have tried to attack my firewall, and savagely. How many NT boxes have withstood such treatment?

The NT security mechanisms are also more complicated, which in my opinion means there are more potential bugs.

Lastly, Sameer has full source code to Linux (as does anyone who wants it). NT is a closed system, and there is no way to personally verify that code does what you think it should. I think it's best to depend only on source available systems for security if possible.

Perry
Not that I'm a Windows/NT fan- quite the contrary; although my employer is the largest NT developer in the world behind Microsoft, I personally want no part of NT.
> The security properties of Windows/NT are currently unknown since it has seen little real torture testing.
NT is presently being evaluated by the NCSC for C2 status.
> The NT security mechanisms are also more complicated, which in my opinion means there are more potential bugs.
Absolutely correct. However, I take some comfort from the fact that Dave Cutler, of VMS fame, was the principal engineer on NT. For all its (myriad) other faults, VMS is fairly secure out of the box.
> NT is a closed system, and there is no way to personally verify that code does what you think it should. I think it's best to depend only on source available systems for security if possible.
NT doesn't have source available. Neither does SunOS. Both support the same set of "open computing" protocols, so saying NT is closed is specious at best. Like the theoretical capacity of an optical fiber, using source-available OSs as the bedrock for your own secure system is wonderful in theory but extremely limiting in practice.

-Paul

--
Paul Robichaux, KD4JZG     | Caution: cutting edge is sharp. Avoid contact.
Intergraph Federal Systems | Be a cryptography user - ask me how.
** Of course I don't speak for Intergraph. **
Paul Robichaux says:
>> The NT security mechanisms are also more complicated, which in my opinion means there are more potential bugs.
> Absolutely correct. However, I take some comfort from the fact that Dave Cutler, of VMS fame, was the principal engineer on NT. For all its (myriad) other faults, VMS is fairly secure out of the box.
And the check is in the mail. At the last site I was at that used VMS, the security patches came in virtually weekly. The thing is more full of holes than swiss cheese. VMS stands for Virtually Missing Security.
>> NT is a closed system, and there is no way to personally verify that code does what you think it should. I think it's best to depend only on source available systems for security if possible.
> NT doesn't have source available. Neither does SunOS.
SunOS does have source available. Large companies can buy sources because they feel they need them. Small users can use systems like Linux. How do I get sources to NT?

I can get drop in replacements for virtually all the programs on SunOS, from "login" to inetd, and I can hack on them, for free. (BSD utilities work right out of the box most of the time.) How can I do that with NT?

Perry
>> The NT security mechanisms are also more complicated, which in my opinion means there are more potential bugs.
> Absolutely correct. However, I take some comfort from the fact that Dave Cutler, of VMS fame, was the principal engineer on NT. For all its (myriad) other faults, VMS is fairly secure out of the box.
I suppose "out of the box" means no DECNET then?
participants (4)
- Brad Huntting
- Dave Hart
- paul@poboy.b17c.ingr.com
- Perry E. Metzger