Re: [tlug] For all you vi heathen ;-)

["Curt J. Sampson" <cjs@example.com>]

On 2020-07-18 00:39 +0900 (Sat), Benjamin Kowarsch wrote:

> Running VMS is about the smartest approach to security on this planet.

These kinds of statements are exactly why so many people set up such
terribly insecure systems. A product does not give you good security. Ever.

> Well, on VMS a "restricted shell"  is called a captive account
> and it actually performs to specification, not best effort.

Hard as it is to get things to perform to specification, it's even harder
to ensure that the specification itself is correct.

> ...being handed out to anybody who would email in and ask for one. Nobody
> has ever managed to break out.

Oh dear. "I don't know of of any failures" == "There have been no failures."

> There is a difference between system design with security designed in
> from the start, and system "design" with "security" bolted on afterwards.

Certainly! If you know this, I find it surprising you recommend OpenBSD to
people wanting to be more secure.

cjs
-- 
Curt J. Sampson      <cjs@example.com>      +81 90 7737 2974

To iterate is human, to recurse divine.
    - L Peter Deutsch