TRON: Process-Specific File Protection for the UNIX Operating System
- In Proceedings of the USENIX 1995 Technical Conference, 1995
Cited by 47 (0 self)
The file protection mechanism provided in UNIX is insufficient for current computing environments. While the UNIX file protection system attempts to protect users from attacks by other users, it does not directly address the agents of destruction: executing processes. As computing environments become more interconnected and interdependent, there is increasing pressure and opportunity for users to acquire and test non-secure, and possibly malicious, software. We introduce TRON, a process-level discretionary access control system for UNIX. TRON allows users to specify capabilities for a process' access to individual files, directories, and directory trees. These capabilities are enforced by system call wrappers compiled into the operating system kernel. No privileged system calls, special files, system administrator intervention, or changes to the file system are required. Existing UNIX programs can be run without recompilation under TRON-enhanced UNIX. Thus, TRON improves UNIX secu...
Virology 101
- Computing Systems, 1989
Cited by 4 (0 self)
There is nothing mysterious about computer viruses. A working, but easily observable, virus can be written in a few lines of code. Although particular virus attacks may be guarded against, no general defense within one domain of reference is possible; viruses are a natural consequence of stored-program computation. Like other hazards of technology, their threat may be mitigated by cautious behavior and community sanctions. The principle I intend to demonstrate a simple, yet realistic, computer virus for people who may be curious but who have not been motivated to dabble in this shady field. Nothing here will edify folks bent on mischief. The example is made for clarity; it makes no malign effort to hide in obscure recesses of a computer system. It has been expressed in a highly accessible language: the shell language of UNIX® systems. Thus it may be understood without resort to "microscope and tweezers." [3] For good cause, it has not been tested. Ostensibly as a public service, but ...

