ABSTRACT

In an age of increasingly sophisticated security tools

(e.g., firewalls, virtual private networks, intrusion detection

systems, etc.), Many people do not consider operating

system security a very sexy topic. Indeed, given that the

UNIX operating system was originally developed in 1969

and that multiple full-length books have been written on

protectingUNIXmachines, onemight be tempted to dismiss

the entire topic as “old hat.” Nevertheless, operating system

security is a crucial component of an overall security pro-

gram. In the words of Anup Ghosh,[1] the operating system

is “the foundation for any software that runs on a machine,”

and this is just as true in the era of E-commerce as it was in

the past. Thus, security practitioners who are even indirectly

responsible for the protection of UNIX machines need to

have at least a basic understanding of UNIX security. This

entry attempts to address that need by providing an overview

of security services common to all flavors of UNIX; security

mechanisms available in trusted UNIX are beyond the scope

of this entry (but see Table 1).