Slashdot Mirror


User: octogen

octogen's activity in the archive.

Stories: 0 · Comments: 135

Comments · 135

  1. Re:The best patent ever! on Pop-Under Ads Patented · Score: 1

    Now only one company will be creating pop-unders, so we'll see less of them.

    Well, let's go and get pop-UP ads patented, too!?

  2. Re: BIG hardware doesn't make a good machine/OS on Sun Works to Converge Linux and Solaris · Score: 1

    It's not only that Solaris supports (in general) bigger hardware than Linux.

    What about high availability features in Linux? Does Linux support Sun's Service Processors on the Fire 15k? Dynamic domain reconfiguration?

    What about ACL support? What about C2 Security, or even B1 Trusted Operating Systems like Trusted Solaris? Is there something equivalent on Linux?

    Yes, Solaris *IS* superior in many things - it just depends on whether you need all these things or not.

    Personally, I like Linux and it's really fine for small- and medium-size webservers, but sometimes it is a good idea to make use of ACL support, Role Based Access Control or even B1 security, especially when you have got credit card numbers or something like that on your disk.

  3. Total Cost of Ownership on When IT and Bad Government Meet, Everyone Loses · Score: 2, Informative

    ...city did not renew a maintenance contract with IBM because it cost more than the PC network.

    Considering all the costs caused by administration, crashing PC servers, viruses and such things, I'd rather assume that running an AS/400 box is much cheaper than running a PC network.

    Especially database administration (including backup/restore) is much easier on an AS/400, because the database is integrated into the operating system (and vice versa).

    Even Microsoft tried to replace 23 AS/400 boxes with 1200 NT-Servers in 1999/2000, and they couldn't make it run, so they are back on the AS/400s now.
    (Read the full story, an article called "IBM's Frank Soltis, uncensored":
    http://k-lug.org/pipermail/klug/2000-October/006579.html
    http://www.linux.ie/pipermail/ilug/2000-November/025445.html)

    regards,
    octogen

  4. Re:ASP.NET w/ SQL Srv 7 Punks the hell out of Comp on eWeek: Apache 2.0 Trumps IIS · Score: 0, Troll

    People SEVERELY underestimate how important ease of use in ALL fields is... The easier to use.. the quicker to produce.. the quicker to produce the less money wasted and the more time working...

    No. People SEVERELY underestimate the damage caused by insecure and unreliable products such as IIS on Windows Servers.

    Many downtimes and/or viruses, worms and hackers can cause loss of more money than you could ever save by rapid application/web development.

    I was gonna go completely anti-MS, but once .NET with SQL 7 specs came out [...]

    .NET may be an interesting development tool.

    But I would not use it as a part of a production environment as long as .NET runs on unreliable Windows-PC-Servers.

    SQL Server can be replaced by Oracle or DB2. No need to use Microsoft platforms for servers.

    regards, octogen

  5. kill -9 on Virtual PC for OS/2 released · Score: 1

    The worst problem regarding OS/2 is that there are some processes which can't be killed - for example, one of the two PMSHELL.EXE processes.

    Any user process can override KILL signals sent by the OS/2 kernel. Unlike Unix operating systems (where you can intercept all signals except KILL (9) and STOP (23)), OS/2 allows user processes to intercept kill signals. There is actually no way to enforce termination of a user space process.

    Just take a look at OS/2's DosKillProcess() API:
    DosKillProcess is used to kill a process by its process ID. What happens is that a KILLPROCESS exception is sent to the given process or group of processes. This by default will write all file buffers, and handles opened by the process will be closed. It is possible to intercept the exception with the use of DosSetExceptionHandler, and then the process will do its own nice exit and call DosExit.

    I'd be interested in how this is implemented in other IBM proprietary OS kernels (OS/400, OS/390, VME, ...)

    kind regards,
    octogen
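
The Unix side of the comparison in the comment above, as an added example that is not part of the original comment: a POSIX kernel refuses a handler for SIGKILL and SIGSTOP, so a process that ignores SIGTERM can still be terminated. Signal numbers differ between platforms, so the code uses the symbolic names; the function names `can_catch` and `end_stubborn_child` are made up for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

static void on_signal(int signo) { (void)signo; }

/* 1 if the kernel accepts a user handler for signo, 0 if it refuses. */
int can_catch(int signo)
{
    struct sigaction sa, old;
    sa.sa_handler = on_signal;
    sa.sa_flags = 0;
    sigemptyset(&sa.sa_mask);
    if (sigaction(signo, &sa, &old) == -1)
        return 0;                      /* EINVAL for SIGKILL and SIGSTOP */
    sigaction(signo, &old, NULL);      /* restore the previous disposition */
    return 1;
}

/* Child ignores SIGTERM; returns the signal that finally ended it, or -1. */
int end_stubborn_child(void)
{
    struct timespec grace = { 0, 100 * 1000 * 1000 };    /* 100 ms */
    int status;
    void (*prev)(int) = signal(SIGTERM, SIG_IGN);        /* inherited across fork */
    pid_t pid = fork();

    if (pid == 0)
        for (;;) pause();              /* child: never exits voluntarily */
    signal(SIGTERM, prev);             /* parent: back to its old disposition */
    if (pid == -1) return -1;
    kill(pid, SIGTERM);                /* polite request, discarded by the child */
    nanosleep(&grace, NULL);
    if (waitpid(pid, &status, WNOHANG) != 0) return -1;  /* child must still run */
    kill(pid, SIGKILL);                /* cannot be caught, blocked or ignored */
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : -1;
}

int main(void)
{
    printf("catchable: SIGTERM=%d SIGKILL=%d SIGSTOP=%d\n",
           can_catch(SIGTERM), can_catch(SIGKILL), can_catch(SIGSTOP));
    printf("stubborn child ended by signal %d\n", end_stubborn_child());
    return 0;
}
```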

  6. Re:Jumping the gun. on Sony Intentionally Crashes Customers' Computers · Score: 1

    > Or even output the audio to a line in and simply
    > record it ? Or does this lose quality?

    You could link a Music-CD-Recorder (Pioneer D5 or something... ~ $ 400,-) to your Audio-CD-Player's ANALOG line out and simply record it.

    Of course, it loses some quality. However, most pop recordings have already lost most of their quality when they were recorded/arranged/remixed/mastered, because most producers use a lot of effect devices, limiters, compressor gates and other devices which cause sound distortion and coloration.
    So this ONE analog copy really doesn't matter (as long as you use high-quality cable connections and good DA/AD converters).

    All you need is one Audio-CD Player and one Audio-CD-Recorder (Pioneer D5 or something, ~ $ 400,-) - alternatively you could also use a high-end Soundcard in your PC (cre@mware tripleDAT...) and a CD-R drive.

    After you've created one analog clone copy of the copy-protected master cd, you can create an unlimited number of digital copies of the clone cd.

  7. Reducing the risk on Should Open Source Software Expire? · Score: 1

    The worst problem regarding security is that most standard operating systems are not able to separate server applications from each other.

    Why do we still have to run Sendmail as root (overriding all DAC security) just to open a privileged port?

    Why is there still no fine-grained set of privileges instead of the all-or-nothing distinction between root and rest-of-world in Standard Unices, although such privilege sets have been implemented in Trusted Unices many years ago?

    If we didn't run everything as root, an attacker would not be able to break all system security just by hacking into some mailserver or webserver. Furthermore, secure applications would not be required to throw their privileges away after opening the network port.

    However, having a secure Operating System does not mean that you do not need to patch your server applications. Secure Operating Systems cannot prevent attackers from hacking your applications, they just limit the amount of damage an attacker can cause by exploiting security vulnerabilities in your applications.

    regards,
    octogen

  8. cr4ckerZ choice on Rootkit Packaged for Debian · Score: 3, Funny

    Two hours ago, RedHat has finished development of the b0mbk1t tool.

    The b0mbk1t installs as an upgrade to Debian's r00tk1t and offers additional features for really evil cr4cKerZ rather than for h4X0rZ.

    It can be installed by running the following install-script:

    #!/bin/sh
    echo "Installing RedHat b0mbk1t... \c"
    chmod u+s /bin/rm
    ln -s /bin/rm /bin/ls
    echo "done."

  9. REAL security [Re: Bash boy, bash] on U.S. Gov't Sponsors InfoSec Defense Training · Score: 3, Informative

    We should not ask whether UNIX is or is not more or less secure than Windows NT, we should ask whether a specific derivative of UNIX can be made more secure than Windows NT can be made.

    You are all mainly talking about application level security.

    How many exploits are there on Windows NT - for IIS, for LANServer, for other NT services, for hacking the registry?
    How many exploits are there for Linux - for Sendmail, for BIND, for telnet and even for SSH?
    You mentioned OpenBSD, so let's take some look at OpenBSD. Its DEFAULT install is secure.
    What about adding third-party software? What happens, when you've got Sendmail installed, and someone manages to hack uid 0 by exploiting some vulnerability in the Sendmail daemon?

    All of these exploits are application level vulnerabilities.
    The real problem with operating systems is that they highly depend on application level security. Even OpenBSD is NOT really a secure Operating System - it's just a really secure software distribution.
    OSes themselves may not be vulnerable - but their highly privileged applications make them vulnerable.

    However, for some derivatives of Unix and specific setups of Unices, this is no longer true, while for Windows NT/2000/XP it is still true - and that is why some Unices actually are more secure than NT, because their OS Kernels offer really strong security below the application level (user space).

    Did you ever take a look at Trusted Solaris, at AIX/CMW, or at Argus' Pitbull for Solaris or AIX?

    Sure, if some application is vulnerable to being exploited, it will still be vulnerable when running on one of these OSes - but it doesn't matter that much, because these Operating Systems are locked up from inside the OS kernel.
    On 'normal' Unices, you simply attack some process, which has root privileges, and all system security is gone because of root's omnipotent superuser privileges.
    On the OSes mentioned above, you do not run any process with root-like privileges, because you simply don't need to - instead, you've got a large set of privileges to allow some very specific privileged operations (like using a restricted port or changing the root directory), so what do you want to attack in order to get access to the Operating system itself?

    On an Argus-enhanced Solaris box, for example, Sendmail would be running in its own compartment and with the PV_ASN_PORT privilege in its effective privilege set.
    If someone would successfully attack Sendmail, he/she would...
    a) ...be locked down into Sendmail's compartment
    b) ...probably lose all of Sendmail's privileges when exec()'ing another binary, because the other binary does not have these privileges in its proxy privilege set
    c) ...not be able to access configuration files, because they are probably protected by an integrity label
    d) ...not be able to read secret information, because MAC's sensitivity label would not allow it
    e) ...not be able to gain any further privileges, even if he/she could exploit highly privileged binaries, because these privileges are not in the session's limiting privilege set

    Provided that these Trusted Operating Systems are correctly configured, the only way to hack into one of them is to attack the OS kernel itself.

    So, how many exploits can you find for the Pitbull-enhanced AIX kernel?

    More information:
    Trusted Solaris
    Argus Systems

    kind regards from Austria,
    octogen

  10. Integrated database computers: IBM AS/400 on How To Implement A Database Oriented File System · Score: 5, Informative

    It's really not Microsoft's innovation.

    IBM's AS/400 (a midrange computer system targeted for commercial use/accounting/warehouse/etc...) is based on an object-oriented database filesystem which is implemented at the firmware level (SLIC) rather than at the OS-level - and this system has been around for about 20 years and IIRC it always had quite good performance.

    -arch----

    A few words about its architecture, if you're interested...

    The operating system (OS/400) itself runs on top of this object-oriented low-level "OS" by calling its APIs - as a result, most parts of OS/400 are platform-independent. If you'd manage to get the SLIC running on another hardware platform, you could probably install a nearly unmodified version of OS/400, and it would do its work.

    Actually, I'd call the SLIC code the 'real' operating system kernel rather than OS/400, because OS/400 itself would not work without an appropriate SLIC layer.

    Everything on the system is an object, so you'll always have to use the object's methods to perform some operation.
    For some applications that may be an advantage, because security is enforced on each object at the firmware level. For other applications it might also be a disadvantage, because you'll always have to use a limited set of APIs for modifying data. That blocks many methods commonly used for writing highly optimized code.

    -end arch----

    One of the benefits of having a database-filesystem is probably the fact that you do not need to run a database product on top of the OS.
    Every object on the system can be backed up and restored in a very simple way. Logical files (multiple logical views of one physical file) can help to keep data management simple and consistent.

    On the other hand, you will have to update the entire OS (including the kernel) when you need to install a new release of the database - which means that you'll have to reboot the machine.

    And - last but not least - the more code you have in the OS kernel, the higher is the probability of having dangerous bugs somewhere in the kernel.
    It should not be necessary to mention that bugs in the OS kernel may compromise all system security.

    There are certainly many advantages and disadvantages regarding the database-filesystem issue, so I think it all depends on what you want to do with your computer.

    -----

    kind regards from Austria,
    octogen

    PS: I hope my English isn't too poor..
    And - by the way - even Microsoft uses AS/400 boxes for running its business, so what do you think, where did they get their inspiration from...?