Newsgroups: comp.os.minix
Subject: Re: Minix security
References: <372DEE86.5B6805CF@alu.ua.es>
Organization: Rochester Institute of Technology, Rochester, NY
From: aje9383@osfmail.isc.rit.edu (Andrew Erickson)
NNTP-Posting-Host: grace.isc.rit.edu
X-Original-NNTP-Posting-Host: grace.isc.rit.edu
Message-ID: <372e0552.0@isc-newsserver.isc.rit.edu>
Date: 3 May 1999 16:21:38 -0500
X-Trace: 3 May 1999 16:21:38 -0500, grace.isc.rit.edu
Lines: 27
XPident: aje9383
X-Original-NNTP-Posting-Host: 129.21.3.100
XPident: Unknown
Path: star.cs.vu.nl!newsfeed.amsterdam.nl.net!sun4nl!EU.net!howland.erols.net!news-peer1.sprintlink.net!news-in-west1.sprintlink.net!news.sprintlink.net!isc-newsserver.isc.rit.edu!aje9383
Xref: star.cs.vu.nl comp.os.minix:35436

In article <372DEE86.5B6805CF@alu.ua.es>,
Sonia Guardiola Ponsoda  <sgp2@alu.ua.es> wrote:
>I have some questions about minix to make a work. I'll be really pleased
>if
>somebody could help me, thank you.
>
>security: keep the system in good working orden

Minix security, unfortuneately, leaves something to be desired--especially
in a "serious" setting.

How much is left to be desired is highly dependant on what version and what
hardware you are using.  Minix 2.0.2 on a 386 or higher, with reasonable
memory protection, is realitively secure if the permissions, etc. are set up
properly and if (big if!) shadow passwords are used.

MacMinix, at version 1.5.something, is fairly insecure; there is no memory
protection (due to the hardware, partly), there are no shadow passwords, and
the password encryption is very, very weak.  (By "very, very weak" I mean
"maybe better than rot13")

>Thanks a lot.

You're Welcome.

--Andrew Erickson, aje9383@grace.isc.rit.edu
Thou shalt not spam, etc. etc.
