$Id: security,v 1.1 1996/03/20 20:01:33 paul Exp $

Security
========

There are two areas of security concerns with Solaris Minix:

(1) Security within smx, and

(2) Security within SunOS.

Problems only occur if other users are allowed to mlogin into a
running Solaris Minix.  In practice, these concerns should not be a
problem, as where several SunOS users use a single smx system,
all of them will most likely be students working closely together as a
group.  As a precaution, where students do work in groups, special
SunOS usercodes can be set up and minix run under these usercodes.
This way, user's personal files are not put at risk.


Security within Solaris Minix
=============================

(i) The permissions on the files and directories in the sunroot and
sunusr file systems should be the same as in the official Minix 
distribution.


Security within SunOS
=====================

(i) If other users can use sunread and sunwrite then they can access
SunOS files with the privileges of the user running the minix process.
Sunread and sunwrite can currently be executed by any smx user----
perhaps they should be executable by root only?

(ii) If other users can use sunread then they can read in new smx
programs.  Given that Minix process address spaces may not
be protected from each other, these programs maybe able to
corrupt the memory of arbitrary smx processes.  Also
these programs can make any SunOS system calls.


