Reflections on UNIX Vulnerabilities


M. Bishop, “Reflections on UNIX Vulnerabilities,” Proceedings of the 25th Annual Computer Security Applications Conference pp. 117–126 (Dec. 2009).



The UNIX operating system was developed in a friendly, collaborative environment without any particular predefined objectives. As it entered less friendly environments, expanded its functionality, and became the basis for commercial, infrastructure, and home systems, vulnerabilities in the system affected its robustness and security. This paper presents a brief history of UNIX vulnerabilities, beginning with a report written in 1981–1983, but never published. It examines how the nature of vulnerabilities has (and has not) changed since then, and presents some thoughts on the future of vulnerabilities in the UNIX operating system and its variants and other UNIX-like systems.

DOI: 10.1109/ACSAC.2009.25