RE: [Asrg] Viruses
"Hallam-Baker, Phillip" <pbaker@verisign.com> Wed, 25 June 2003 20:05 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA29277 for <asrg-archive@odin.ietf.org>; Wed, 25 Jun 2003 16:05:15 -0400 (EDT)
Received: (from exim@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5PK4Cj22865 for asrg-archive@odin.ietf.org; Wed, 25 Jun 2003 16:04:12 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19VGV1-0005wi-VB for asrg-web-archive@optimus.ietf.org; Wed, 25 Jun 2003 16:04:11 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA29195; Wed, 25 Jun 2003 16:04:08 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19VGV0-000780-00; Wed, 25 Jun 2003 16:04:10 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19VGUu-00077x-00; Wed, 25 Jun 2003 16:04:04 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19VGUr-0005tR-1m; Wed, 25 Jun 2003 16:04:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19VGUP-0005sP-JN for asrg@optimus.ietf.org; Wed, 25 Jun 2003 16:03:48 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA29037 for <asrg@ietf.org>; Wed, 25 Jun 2003 16:03:30 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19VGHU-0006rd-00 for asrg@ietf.org; Wed, 25 Jun 2003 15:50:12 -0400
Received: from pigeon.verisign.com ([65.205.251.71]) by ietf-mx with esmtp (Exim 4.12) id 19VGHJ-0006r1-00 for asrg@ietf.org; Wed, 25 Jun 2003 15:50:01 -0400
Received: from mou1wnexc01.verisign.com (verisign.com [65.205.251.53]) by pigeon.verisign.com (8.12.9/) with ESMTP id h5PJnK2Q023323; Wed, 25 Jun 2003 12:49:20 -0700 (PDT)
Received: by mou1wnexc01.verisign.com with Internet Mail Service (5.5.2653.19) id <LMLHVLX1>; Wed, 25 Jun 2003 12:49:20 -0700
Message-ID: <2A1D4C86842EE14CA9BC80474919782E0D228C@mou1wnexm02.verisign.com>
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: "'gep2@terabites.com'" <gep2@terabites.com>, Barry Shein <bzs@world.std.com>
Cc: asrg@ietf.org
Subject: RE: [Asrg] Viruses
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain; charset="iso-8859-1"
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 25 Jun 2003 12:49:20 -0700
> >Plus or minus the odd serious bug or misconfiguration operating > >systems such as unix, linux, VMS, MVS, TOPS-20 (going back > 20+ years), > >etc are more or less immune to such problems. > > I guess you can claim that if you dismiss any vulnerability > as an "odd serious > bug". The only O/S security feature I am aware of that is relevant in this regard is the VMS fine grained privileges that allowed processes to be created that did not have network access or did not have file access. There is a similar feature set in Windows NT but the applications appear to be unaware of the reason it should be used. I am unaware of any equivalent system in the UNIX world, chroot is not equivalent. The .NET framework has reinstated the concept of fine grained privs but it will take many years for them to be used by applications. Finger pointing is rarely a good guide to good security practice. I remember the time when people doubted unix would get anywhere because of its notorious security problems and weak security architecture, it does not seem to have had the predicted effect. Phill _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- RE: [Asrg] Viruses Tom Thomson
- [Asrg] Viruses gep2
- Re: [Asrg] Viruses Vernon Schryver
- [Asrg] Re: Viruses wayne
- Re: [Asrg] Re: Viruses Steven F Siirila
- RE: [Asrg] Viruses Hallam-Baker, Phillip
- RE: [Asrg] Viruses Bob Wyman
- RE: [Asrg] Viruses Vernon Schryver
- RE: [Asrg] Viruses Barry Shein
- Re: [Asrg] Viruses Barry Shein
- [Asrg] Re: Viruses Bruce Stephens
- Re: [Asrg] Viruses gep2
- RE: [Asrg] Viruses Bob Wyman
- Re: [Asrg] Viruses Walter Dnes
- Re: [Asrg] Viruses Mark McCarron
- RE: [Asrg] Viruses Barry Shein
- RE: [Asrg] Viruses Barry Shein