| 
|
QuoteRef: kargPA12_2002
topics >
all references >
Group:
security
Group:
memory management
Topic:
strings
Topic:
security leaks and weaknesses
Topic:
stacks
Topic:
limitations of system security
Topic:
security by audit trail
Reference
Karger, P.A., Schell, R.R., "Thirty years later: Lessons from the Multics security evaluation", Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC'02), IEEE Computer Society, pp. 119-126. Google
119 ;;Quote: 1974 security study of Multics is relevant today; like Unix
119+;;Quote: Multics has better security than most systems today; security was a primary goal; no buffer overflows; minimized complexity
202 ;;Quote: Multics avoids buffer overflow -- PL/I strings have a fixed maximum length; data can not be executed; virtual addresses are segmented; stacks grew up instead of down
121 ;;Quote: easily demonstrated malicious software attacks; e.g., a trap door triggered by a password, not found by quality assurance
122 ;;Quote: invisible trap door in a compiler that installed trap doors into Multics; used by Ken Thompson
122 ;;Quote: an attacker can bypass the auditing capabilities of a security system by erasing evidence
123 ;;Quote: QA and ethical hacks are useless against trap doors triggered by a unique key
Group: security (23 topics, 874 quotes)
Group: memory management (11 topics, 367 quotes)
Topic: strings (13 items)
Topic: security leaks and weaknesses (67 items)
Topic: stacks (6 items)
Topic: limitations of system security (39 items)
Topic: security by audit trail (18 items)