> The
> various company's Trusted Unix systems were mostly compatible, but
> unfortunately, not quite; that's why there was a push to try to
> standardize caoabukutues within POSIX in the first place.
This is a reasonable assumption, but turns out not to have been
the case. The Posix P1003.1e/2c effort began in 1986 as a
/usr/group draft, presented by AT&T's Unix Systems Lab. At the
time only Gould (anyone remeember them?) had actually fielded
anything. We were all under the specter of the "C2 in '92"
directive, and were pretty clueless. The effort moved to POSIX
about a year later because two someones (names withheld until
someone buys me that beer...) felt that AT&T was trying to railroad
their plans into a standard. They were, by the way. So, the
POSIX security group (P1003.6 at the time) became a giant design
committee, representing every vendor of note and many important
customers. The POSIX draft does not reflect the vendor's
implementations, the implementations reflect the draft. The only
exceptions I know of are SVR4ES, which stuck with what they'd
entered the fray with, and HP, which holds tightly to their
SecureWare heritage in some ways.
--Casey Schaufler voice: (650) 933-1634 casey@sgi.com fax: (650) 933-0170
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/