[CentOS] SELinux threads, cynicism, one-upmanship, etc.

Bryan J. Smith thebs413 at earthlink.net
Sun Nov 20 00:20:31 UTC 2005

On Sat, 2005-11-19 at 15:02 -0500, Lamar Owen wrote:
> If you look at the problem Windows NT and its children have is that it
> must have compatibility with the simpler, but less secure, Windows 3.0
> Enhanced Mode kernel (as Win95, 98, and ME are all based off this code,
> which actually dates from late in the Windows 2.x 386 cycle).

Yes!  The problem isn't the NT kernel, the _original_ NT/Win32 model
isn't half bad.  It's all the legacy APIs that have _tainted_ the
NT/Win32 kernel.  That's the problem.

Even being a UNIX and OS/2 administrator in 1993, I was a _huge_ fan of
the Windows NT 3.1 design and release in 1994 (I saw the 3.1 Beta early
on).  When Gates gave the go-ahead to MS-DOS 7.0 in 1994, and the
continuation of 386Enhanced Mode in MS-Windows 4.0 -- the bundled
project "Chicago" turned product in Windows 95 -- that was the problem.

A probably that continued through Visual Studio 6.0, which was still
being used internally by MS itself (let alone ISVs) just a few years

The problem isn't the original RBAC/MAC complexity of NT.  The problem
is all the hacks, fixes and non-sense that has been built around it --
all the meanwhile _core_ "Chicago" subsystems have become a part of the
heavilyi tainted NT/Win32 model.  It was _never_ the original design.

RBAC/MAC does _nothing_ to hurt the simplicity of the UNIX piecemeal
model.  You need no further proof of this than other UNIX flavors like
Solaris, who have added RBAC/MAC quite well.  If Linux users refuse to
adopt RBAC/MAC, then many of us will look at Solaris and other UNIX
platforms increasingly.

Bryan J. Smith   b.j.smith at ieee.org   http://thebs413.blogspot.com
For everything else *COUGH*commercials*COUGH* there's "ManningCard"

More information about the CentOS mailing list