adamsb@un.org wrote: > > Back on 1/25/96 Robert posted: > > > My main subject at work is the "secure" installation of Sun workstations. > > Watch out for operating system upgrades putting unexpected holes in secure > workstations. I have seen several occasions where a Sun OS was upgraded on > a secure workstation and the upgrade added a new hole. This is the exception, rather than the rule, of course. Of particular note, SunOS 4.1.x is swiss cheese these days, while Solaris 2.5 is significantly more secure. Perhaps of exceptional significance to securing systems, is the "autoinstall" feature that became available with Solaris - it inspired a locally written system of shell scripts, that run around tightening every security hole we can think of a fix for (or find a patch for), every time we install a machine, or run a "bring this machine up-to-date on its fixes" script (with signifcant code sharing between the former and latter). Introduction? Uh, I work on securing machines in an academic environment (contradictory?) The platforms I concern myself with are mainly Sun, SGI and DEC. I bother with SunOS 4.1.x and Ultrix as little as possible, anymore.