[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Re: Security extensions to Posix (what would have been Posix.1e/2
From:       Jason Zions <jason_zions () INTERIX ! COM>
Date:       1999-06-22 22:24:38
[Download RAW message or body]

> Last year the IEEE
> dropped the standard, because it was not clear when the
> standards would ever be finished.

A technically accurate statement, but woefully incomplete.

IEEE-CS PASC, the committee which develops the POSIX family of standards,
withdrew sponsorship of the 1003.1e and 1003.2c projects for a very simple
reason: nothing had happened with respect to completion of those standards
for a very long time. A more useful question to ask is "Why?" After all,
quite a few other POSIX standards were completed between the time 1003.1e
was originally sponsored (as 1003.6 more than ten years ago).

1) Lack of consensus due to conflicting existing practice. In some areas
covered by the specification, vendors of POSIX-conforming systems had wildly
varying interfaces. Because they all had well-entrenched user bases, and
since the customers using those interfaces were few and unwilling to spend
much money, there was no good for a vendor to spend money to implement a new
interface to the same underlying functionality. Too few customers, and a low
probability that *all* of them would migrate to the new interface so the
vendor could drop support for the old one.

2) Lack of existing practice. Some interfaces included the specification
were, bluntly speaking, pure invention. Rather than base their work on
existing practice, *anyone's* existing practice, the committee put together
a theoretically good interface. The lack of existing practice is a strong
statement that "no one cared"; if there were enough customers with enough
money demanding solutions to those problems, some vendor would have gone
after the solution.

3) "Overcome by events." Some aspects of the POSIX security work were aimed
directly at the US Governments TCSEC (Trusted Computer Security Evaluation
Criteria) - the C2/B1/etc thing. The current state of the world shows the
TCSEC fading in importance, with different criteria for the evaluation of
the security of a system coming to a fore.


> However, there are very interesting ideas described in
> those documents and they provide a good starting point when
> adding better security mechanisms to Unix.

Perhaps. And perhaps they should be looked at very closely to see which
remain good starting points and which should be consigned to oblivion. Don't
get me wrong - I think the discretionary access control parts of 1003.1e are
pretty good. Were the various participants in the work willing to split that
part off from the rest of the document, that might have completed ballot
years ago.

> So I made an agreement with the IEEE, which
> allows me to offer the unfinished standards works for public
> downloading.
> The address is http://www.guug.de/~winni/posix.1e/download.html
> Please note, that re-distribution is not allowed.

This is indeed good news.

> The agreement was made possible by the help of Mary Shepherd
> (IEEE) and
> Casey Schaufler (SGI), the former technical editor of the
> standard. I want
> to thank both for their work and the IEEE for their generous gesture.

Absolutely. This is more evidence that the IEEE continues to increase their
awareness of the way POSIX standards are used in the real world and of their
increasing willingness to make standards more available.

Jason Zions
Chair, PASC System Services Working Group
(I am not speaking on behalf of any IEEE or PASC entity)

[prev in list] [next in list] [prev in thread] [next in thread]