[rescue] Re: [geeks] THIS. MAKES. ME. SICK.

Joshua D. Boyd rescue at sunhelp.org
Fri Jun 15 08:01:56 CDT 2001


What do you mean that BeOS is a unix without the users?  Be has users.
I'm not sure if it has a /proc/core, but I'd guess it has something else
to provide the same vulnerability.

BeOS does have PIDs.  ACL, I'm not sure about.  It has the same ACL as a
normal unix, but it doesn't provide the sorts of ACL services that
TrustedBSD, OpenBSD, or NT provide.

BeOS has more or less the same memory protection that linux or solaris
has.

I think what you are ultimately trying to refer to (and if so, you could
have just said so), is that on BeOS, unless you configure things
differently (and it is impossible to do so on the console, only on net
connections), you are always logged in as root (well, UID 0, the passwd
file calls that user baron, but just change that and now you are root).

I guess this provides some protection, because things do segfault rather
than trample the system, but it also means that anyone sitting at a BeOS
machine has all the power that someone logged in as root on a solaris box
does, including the ability to intentionally trample everything.

Now, if you want to use BeOS as a server (and I might be the only person
in the world actually interested in doing that), just use the plain VGA
driver, and enable security for FTP, ssh, and whatever other services you
want to run.  It is all there, and in theory, it should be nearly just as
good as running a solaris box (I'm sure in reality it ain't nowhere as
stable or secure since it wasn't meant to take on solaris).

I keep considering buying a P75 type system to use to run BeOS as a
server.  But then I think, you know, BeOS is pretty much dead, and so what
benefit would there be in trying to write server software for it, which
they never intended for us to do anyway.

I am one of the few people who actually owns several full copies of BeOS
(I have 3, 4, and 4.5, although I think I loaned someone 4.0, and I can't
remember who).

--
Joshua Boyd

On Fri, 15 Jun 2001, Paul Sladen wrote:

> Ok, so the NT one predominately a dig; BeOS OTOH is `unix-without-the-users'
> if that makes any sense;  Perhaps think of a unix box in single-user mode,
> where there is no protection.
> 
> No acl/pids;  therefore /proc/core and ``no-memory-protection''; it maybe
> even easy.
> 
> I shall have to try it again, though it doesn't like running on my sparcbox.
> Paul
> 
> --
> h: 0115 922 7162   w: 0115 953 1803