From: StuartF at datacom.co.nz (Stuart Fox (DSL AK))
Subject: Support the Sasser-author fund started

 
> All the features required of mature operating systems were 
> added as an afterthought and not designed in. Such things as 
> memory management and file access control 

They've been designed into the Windows NT based OS from the start.

> on a single user/single process/non-network OS. To maintain 
> backward compatibility with DOS and Windows 95, key OS data 
> structures have many assumptions about things like buffer 
> size that lead to buffer overflows. Witness the assumption 
> about machine names that led to Slammer.

Which is an implementation issue, not a design issue.


> The whole Microsoft 
> OS effort has been to grow from a system designed for minimal 
> size machines such as the 640K PC to something that can be 
> used as a system for commerce. Features have been bolted on 
> as they are deemed sellable to make a profit. It wasn't until 
> NT that the file system even had the concept of access 
> control 

So since around 1993 then?

> and backward compatibility has meant that the default 
> ACL is give everyone full control.

Which has now changed (and a good thing too)

> Unix, by contrast, has always been designed as a 
> multi-user/multi-process system so things like file security 
> and separation of processes are inherent.

That's a bit of a stretch.  Unix has had security bolted on after the fact
as well - it's just got about ten years' head start on Windows.

Your mail seemed to switch between issues relating to design and issues
relating to implementation - from what I can gather the design of the NT OS
is a good one (Things like ActiveX excluded), but the implementation has
been full of holes.  

