All UNIX system administrators and individuals who are in charge of their own UNIX systems will find this book timely and informative. The author begins with the fundamental concepts of security and reviews the UNIX operating system in terms of these principles. He interjects some of his own experiences along with those of other people working on UNIX system security. He gives full credit to people who have shared their experiences in making UNIX more secure.
The book consists of six chapters:
Introduction to UNIX System Security
Basic User Security Practices
Security for System Administrators
Communication and Network Security
Stalking the Wily Cracker
The Future of UNIX Security
The author offers many useful suggestions for prevention of security breaches and vigilance against attempts to attack the system. He makes the reader aware of the exposure of networked computer systems. The book assumes a good understanding of UNIX, including the file system, permissions, and the use of inodes. Some readers may wish to consult a UNIX manual to review certain script commands.
Farrow also shows how a system can be compromised by someone with good intentions but poor working habits. This possibility should be given serious consideration by developers. Perhaps a validation program could be written to ensure that additions to the operating system do not harm security. I have witnessed a presumed expert (despite ample warning) erase files that took a company four months to recreate.
The author should re-examine his material on government agencies, since few of them have ever designed a computer. Most government security systems are designed to control people. He could also have done a better job of explaining what a Trojan horse is early in the book.
I would have liked to see more discussion of software piracy. Operating system designers and hardware manufacturers have done little to create platforms on which creators of application software and utilities can reap the fruits of their labor. (Exceptions are the machine identity PROM in the 3B2 and a PROM used in a PC printer channel.) This concern does not detract from the book, however. The author states that his interest is in the security of the operating system and the resources it controls. He has done an excellent job.