Isn't Solaris (and Linux) SRV4? Doesn't that account for the vast majority of the *nix code base?
Just as a nit: Solaris has something to do with SVR4 (not sure how much...Sun used to work with AT&T a long time ago and some of that code must be in Solaris), but Linux doesn't. Linus Torvalds was constrained from the beginning not to use anybody's intellectual property to avoid legal issues, so Linux is in effect a from-scratch "clean room" implementation of a mish-mash of various Unix quasi-standard interfaces, some of which are like SVR4, some not.
However, when it comes to security, nothing beats Open Source. Recall Phil Zimmerman, the author of the well-known PGP cryptography system. He and other senior crypto-heads always remind users that, in contrast to what one might guess, cryptography implementations are most secure when their code is public; you depend for security on your algorithm, not on the secrecy of your implementation. The only time you know that an implementation is secure is after as many eyeballs and brains have looked at it as possible. Zimmerman says: don't trust crypto schemes whose code is kept secret. He went so far as to publish his PGP code in a hard-bound book sold in large chain stores (in addition to putting it out electronically to all comers). Linux is in that category. All O/S kernels may be crackable, but if you want the hardest one to crack, you go for the one with the public source. I would bet that Linux is the most secure of the popular general-purpose operating systems.
Our friends at Microsoft, of course, don't even release the specifications of the NTFS file system structure (go try to find a book on it), claiming that they don't want to compromise its security measures. LOL! They actually say that. Shows how much they know.
Regards,
--QwikSand |
