Learning from the past
Marc SCHAEFER (schaefer@alphanet.ch)
Sun, 19 Oct 1997 15:34:18 +0200
In alphanet.ml.security.bug-traq, there are many articles describing
current design vulnerabilities of the proprietary MS-WINDOWS'NT
kernel from the Microsoft software editor.
Conclusions are, notably, that Microsoft doesn't seem to have
learnt anything from the 20+ years of UNIX design, for example in
the system call area and the process/system armour by separating
address space.
UNIX *implementations* have still a long way to become B (except
SCO who sells a Trusted UNIX at rate B1). NT is moving, but not in the
right direction.
PS: the analysis was made through reverse-engineering, because Microsoft
does not document this.
Classifications:
A verified design (not a single system is certified A yet)
B trusted design
C mandatory access controls (most modern UNIX systems)
D trashcan system.
There is a more complete description in bug-traq.
.