RE: [Full-Disclosure] Support the Sasser-author fund started
- To: Bill Royds <full-disclosure@xxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
- Subject: RE: [Full-Disclosure] Support the Sasser-author fund started
- From: "Stuart Fox (DSL AK)" <StuartF@xxxxxxxxxxxxx>
- Date: Mon, 17 May 2004 16:38:26 +1200
> All the features required of mature operating systems were
> added as an afterthought and not designed in. Such things as
> memory management and file access control
They've been designed into the Windows NT based OS from the start.
> on a single user/single process/non-network OS. To maintain
> backward compatibility with DOS and Windows 95, key OS data
> structures have many assumptions about things like buffer
> size that lead to buffer overflows. Witness the assumption
> about machine names that led to Slammer.
Which is an implementation issue, not a design issue.
> The whole Microsoft
> OS effort has been to grow from a system designed for minimal
> size machines such as the 640K PC to something that can be
> used as a system for commerce. Features have been bolted on
> as they are deemed sellable to make a profit. It wasn't until
> NT that the file system even had the concept of access
> control
So since around 1993 then?
> and backward compatibility has meant that the default
> ACL is give everyone full control.
Which has now changed (and a good thing too).
> Unix, by contrast, has always been designed as a
> multi-user/multi-process system so things like file security
> and separation of processes are inherent.
That's a bit of a stretch. Unix has had security bolted on after the fact
as well - it's just got about ten years' head start on Windows.
Your mail seemed to switch between issues relating to design and issues
relating to implementation - from what I can gather the design of the NT OS
is a good one (things like ActiveX excluded), but the implementation has
been full of holes.