[Info-vax] VMS and security
Arne Vajhøj
arne at vajhoej.dk
Wed Nov 9 21:27:05 EST 2022
On 11/9/2022 8:09 AM, Simon Clubley wrote:
> On 2022-11-08, Arne Vajhøj <arne at vajhoej.dk> wrote:
>> On 11/8/2022 1:29 PM, Simon Clubley wrote:
>>> On 2022-11-07, Dave Froble <davef at tsoft-inc.com> wrote:
>>>> I don't use Linux, but it is my impression that just about everything in Linux
>>>> is from third parties. Nor is Linux restricted to a single vendor.
>>>>
>>>> So why then should VSI be responsible for everything VMS needs?
>>>>
>>>> Gotta love double standards ...
>>>
>>> Well that's a load of bollocks David. We are talking about things
>>> that are integral within Linux, in the same way as, say, RMS, clustering,
>>> and KESU modes are integral within VMS.
>>
>> That was pretty strong words given that you are only 75% correct ...
>>
>
> I've just reviewed my list in the posting that David is responding to
> and I don't see it, so can you tell me which 25% am I wrong about ?
Really?
So if we from that list:
# For example, Linux has mandatory access controls and VMS is still stuck
# back in the DAC world.
#
# There's no ASLR/KASLR support on VMS.
#
# There's nothing like the Unix chroot jails on VMS.
#
# Compiler protections in generated code has been lacking on VMS compared
# to what is available elsewhere, but John in recent years has started
# looking at getting comparable protections in the VMS compilers, when it
# comes to generating code, that currently exist elsewhere.
create a little pop quiz:
Which of the following items:
A) mandatory access controls
B) ASLR
C) chroot jails
D) Compiler protections in generated code
are not "integral within Linux"?
Then you have no idea?
Arne
More information about the Info-vax
mailing list