[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

LispM security



    Date: Fri, 21 Dec 1990 17:46 EST
    From: barr@BBN.COM

    It sounds like you may be under some pressure that says, "Why can't
    Symbolics machines be made secure like our Sun workstations?"

    The only meaningful answer is that they are already as secure as Sun
    workstations.  Everyone knows how to hit L1-A on a Sun console, boot
    it up in single-user mode with ">boot vmunix -s", and proceed to edit
    /etc/passwd.  Neither Symbolics nor Sun (nor DEC, nor anyone) is
    likely to change things to prevent you from easily compromising a
    system from its console.  Only physical security (locking up the
    console) is useful in these cases.

    That said, you should look into secure subnets, and the disabling of
    network services.  It *is* possible to attain some degree of security
    on the network interface with Symbolics, Vaxen, Suns, and the rest.
    But you may not like sacrificing ease-of-use to get it.  Where is the
    perfect balance of security with ease-of-use?  That is the Holy Grail.
    For the sake of your Lisp Users, think twice before you make their
    LispMs as hard to use as a Unix box!

While this is all true (or at least reasonable), see the documentation
for the topic "Access Control Lists".