From: "Perry E. Metzger" <pmetzger@lehman.com>
Date: Fri, 12 Nov 93 10:49:49 PST
To: Dave Hart <davehart@microsoft.com>
Subject: Re: Mounting a "Secure" filesystem in UNIX
In-Reply-To: <9311121819.AA25880@netmail.microsoft.com>
Message-ID: <9311121848.AA03516@snark.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain



Dave Hart says:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> | From: Sameer  <netmail!sameer@uclink.berkeley.edu>
> |
> | 	I was wondering if it was possible to mount a "secure"
> | filesystem/partition using Linux or some other free version of UNIX,
> | so that it's inaccessible if logged in remotely, but accessibly when
> | logged in locally.
> 
> I know you want to do this with UNIX, but Windows NT allows you do this 
> quite nicely.

The security properties of Windows/NT are currently unknown since it
has seen little real torture testing. I know that people have tried to
attack my firewall, and savagely. How many NT boxes have withstood
such treatment? The NT security mechanisms are also more complicated,
which in my opinion means there are more potential bugs. Lastly,
Sameer has full source code to Linux (as does anyone who wants it). NT
is a closed system, and there is no way to personally verify that code
does what you think it should. I think its best to depend only on
source available systems for security if possible.

Perry