Practical UNIX & Internet Security

1.3 History of UNIX

The roots of UNIX[4] go back to the mid-1960s, when American Telephone and Telegraph, Honeywell, General Electric, and the Massachusetts Institute of Technology embarked on a massive project to develop an information utility. The project, called MULTICS (standing for Multiplexed Information and Computing Service), was heavily funded by the Department of Defense Advanced Research Projects Agency (ARPA, once also known as DARPA). Most of the research took place in Cambridge, Massachusetts, at MIT.

[4] A more comprehensive history of UNIX, from which some of the following is derived, is Peter Salus's book, A Quarter Century of UNIX, mentioned in Appendix D.

MULTICS was a modular system built from banks of high-speed processors, memory, and communications equipment. By design, parts of the computer could be shut down for service without affecting other parts or the users. The goal was to provide computer service 24 hours a day, 365 days a year - a computer that could be made faster by adding more parts, much in the same way that a power plant can be made bigger by adding more furnaces, boilers, and turbines. Although this level of processing is simply assumed today, such a capability was not available when MULTICS was begun.

MULTICS was also designed with military security in mind. MULTICS was designed both to be resistant to external attacks and to protect the users on the system from each other. MULTICS was to support the concept of multilevel security. Top Secret, Secret, Confidential, and Unclassified information could all coexist on the same computer. The MULTICS operating system was designed to prevent information that had been classified at one level from finding its way into the hands of someone who had not been cleared to see that information. MULTICS eventually provided a level of security and service that is still unequaled by many of today's computer systems - including, perhaps, UNIX.

In 1969, MULTICS was far behind schedule. Its creators had promised far more than they could deliver within the projected time frame. Already at a disadvantage because of the distance between its New Jersey laboratories and MIT, AT&T decided to pull out of the MULTICS Project.

That year Ken Thompson, an AT&T researcher who had worked on the MULTICS Project, took over an unused PDP-7 computer to pursue some of the MULTICS ideas on his own. Thompson was soon joined by Dennis Ritchie, who had also worked on MULTICS. Peter Neumann suggested the name UNIX for the new system. The name was a pun on the name MULTICS and a backhanded slap at the project that was continuing in Cambridge (and indeed continued for another decade and a half). Whereas MULTICS tried to do many things, UNIX tried to do one thing well: run programs. The concept of strong security was not part of this goal.

The smaller scope was all the impetus that the researchers needed; an early version of UNIX was operational several months before MULTICS. Within a year, Thompson, Ritchie, and others rewrote UNIX for Digital's new PDP-11 computer.

As AT&T's scientists added features to their system throughout the 1970s, UNIX evolved into a programmer's dream. The system was based on compact programs, called tools, each of which performed a single function. By putting tools together, programmers could do complicated things. UNIX mimicked the way programmers thought. To get the full functionality of the system, users needed access to all of these tools - and in many cases, to the source code for the tools as well. Thus, as the system evolved, nearly everyone with access to the machines aided in the creation of new tools and in the debugging of existing ones.

In 1973, Thompson rewrote most of UNIX in Ritchie's newly invented C programming language. C was designed to be a simple, portable language. Programs written in C could be moved easily from one kind of computer to another - as was the case with programs written in other high-level languages like FORTRAN - yet they ran nearly as fast as programs coded directly in a computer's native machine language.

At least, that was the theory. In practice, every different kind of computer at Bell Labs had its own operating system. C programs written on the PDP-11 could be recompiled on the lab's other machines, but they didn't always run properly, because every operating system performed input and output in slightly different ways. Mike Lesk developed a "portable I/O library" to overcome some of the incompatibilities, but many remained. Then, in 1977, the group realized that it might be easier to port the UNIX operating system itself rather than trying to port all of the libraries. UNIX was first ported to the lab's Interdata 8/32, a microcomputer similar to the PDP-11. In 1978, the operating system was ported to Digital's new VAX minicomputer. UNIX still remained very much an experimental operating system. Nevertheless, UNIX had become a popular operating system in many universities and was already being marketed by several companies. UNIX was suddenly more than just a research curiosity.

Indeed, as early as 1973, there were more than 16 different AT&T or Western Electric sites outside Bell Labs running the operating system. UNIX soon spread even further. Thompson and Ritchie presented a paper on the operating system at the ACM Symposium on Operating System Principles (SOSP) in October 1973. Within a matter of months, sites around the world had obtained and installed copies of the system. Even though AT&T was forbidden under the terms of its 1956 Consent Decree with the U.S. Federal government from advertising, marketing, or supporting computer software, demand for UNIX steadily rose. By 1977, more than 500 sites were running the operating system; 125 of them were at universities, in the U.S. and more than 10 foreign countries. 1977 also saw the first commercial support for UNIX, then at Version 6.

At most sites, and especially at universities, the typical UNIX environment was like that inside Bell Labs: the machines were in well-equipped labs with restricted physical access. The users who made extensive use of the machines were people who had long-term access and who usually made significant modifications to the operating system and its utilities to provide additional functionality. They did not need to worry about security on the system because only authorized individuals had access to the machines. In fact, implementing security mechanisms often hindered the development of utilities and customization of the software. One of the authors worked in two such labs in the early 1980s, and one location viewed having a password on the root account as an annoyance because everyone who could get to the machine was authorized to use it as the superuser!

This environment was perhaps best typified by the development at the University of California at Berkeley. Like other schools, Berkeley had paid $400 for a tape that included the complete source code to the operating system. Instead of merely running UNIX, two of Berkeley's bright graduate students, Bill Joy and Chuck Haley, started making significant modifications. In 1978, Joy sent out 30 copies of the "Berkeley Software Distribution (BSD)," a collection of programs and modifications to the UNIX system. The charge: $50 for media and postage.

Over the next six years, in an effort funded by ARPA, the so-called BSD UNIX grew into an operating system of its own that offered significant improvements over AT&T's. For example, a programmer using BSD UNIX could switch between multiple programs running at the same time. AT&T's UNIX allowed the names on files to be only 14 letters long, but Berkeley's allowed names of up to 255 characters. But perhaps the most important of the Berkeley improvements was the BSD 4.2 UNIX networking software, which made it easy to connect UNIX computers to local area[5] networks (LANs). For all of these reasons, the Berkeley version of UNIX became very popular with the research and academic communities.

[5] And we stress, local area.

About the same time, AT&T had been freed from its restrictions on developing and marketing source code as a result of the enforced divestiture of the phone company. Executives realized that they had a strong potential product in UNIX, and they set about developing it into a more polished commercial product. This led to an interesting change in the numbering of the BSD releases.

Berkeley 4.2 UNIX should have been numbered 5.0. However, by the time that the 4.2 Berkeley Software Distribution was ready to be released, friction was growing between the developers at Berkeley and the management of AT&T, who owned the UNIX trademark and rights to the operating system. As UNIX had grown in popularity, AT&T executives became increasingly worried that, with the popularity of Berkeley UNIX, AT&T was on the verge of losing control of a valuable property right. To retain control of UNIX, AT&T formed the UNIX Support Group (USG) to continue development and marketing of the UNIX operating system. USG proceeded to christen a new version of UNIX as AT&T System V, and declare it the new "standard"; AT&T representatives referred to BSD UNIX as nonstandard and incompatible.

Under Berkeley's license with AT&T, the university was free to release updates to existing AT&T UNIX customers. But if Berkeley had decided to call its new version of UNIX "5.0," it would have needed to renegotiate its licensing agreement to distribute the software to other universities and companies. Thus, Berkeley released BSD 4.2. By calling the new release of the operating system "4.2," they pretended that the system was simply a minor update.

As interest in UNIX grew, the industry was beset by two competing versions of UNIX: Berkeley UNIX and AT&T's System V. The biggest non-university proponent of Berkeley UNIX was Sun Microsystems. Founded in part by graduates from Berkeley's computer science program, Sun's SunOS operating system was, for all practical purposes, Berkeley's operating system, as it was based on BSD 4.1c. Many people believe that Sun's adoption of Berkeley UNIX was responsible for the early success of the company. Another early adopter was the Digital Equipment Corporation, whose Ultrix operating system was also quite similar to Berkeley UNIX - not surprising as it was based on BSD 4.2.

As other companies entered the UNIX marketplace, they faced a question of which version of UNIX to adopt. On the one hand, there was Berkeley UNIX, which was preferred by academics and developers, but which was "unsupported" and was frighteningly similar to the operating system used by Sun, soon to become the market leader. On the other hand, there was AT&T System V UNIX, which AT&T, the owner of UNIX, was proclaiming as the operating system "standard." As a result, most computer manufacturers that tried to develop UNIX in the mid-to-late 1980s - including Data General, IBM, Hewlett Packard, and Silicon Graphics - adopted System V as their standard. A few tried to do both, coming out with systems that had dual "universes." A third version of UNIX, called Xenix, was developed by Microsoft in the early 1980s and licensed to the Santa Cruz Operation (SCO). Xenix was based on AT&T's older System III operating system, although Microsoft and SCO had updated it throughout the 1980s, adding some new features, but not others.

As UNIX started to move from the technical to the commercial markets in the late 1980s, this conflict of operating system versions was beginning to cause problems for all vendors. Commercial customers wanted a standard version of UNIX, hoping that it could cut training costs and guarantee software portability across computers made by different vendors. And the nascent UNIX applications market wanted a standard version, believing that this would make it easier for them to support multiple platforms, as well as compete with the growing PC-based market.

The first two versions of UNIX to merge were Xenix and AT&T's System V. The resulting version, UNIX System V/386, release 3.2, incorporated all the functionality of traditional UNIX System V and Xenix. It was released in August 1988 for 80386-based computers.

In the spring of 1988, AT&T and Sun Microsystems signed a joint development agreement to merge the two versions of UNIX. The new version of UNIX, System V Release 4 (SVR4), was to have the best features of System V and Berkeley UNIX and be compatible with programs written for either. Sun proclaimed that it would abandon its SunOS operating system and move its entire user base over to its own version of the new operating system, which it would call Solaris.[6]

[6] Some documentation labels the combined versions of SunOS and AT&T System V as SunOS 5.0, and uses the name Solaris to designate SunOS 5.0 with the addition of OpenWindows and other applications.

The rest of the UNIX industry felt left out and threatened by the Sun/AT&T announcement. Companies including IBM and Hewlett-Packard worried that, because they were not a part of the SVR4 development effort, they would be at a disadvantage when the new operating system was finally released. In May 1988, seven of the industry's UNIX leaders - Apollo Computer, Digital Equipment Corporation, Hewlett-Packard, IBM, and three major European computer manufacturers - announced the formation of the Open Software Foundation (OSF).

The stated purpose of OSF was to wrest control of UNIX away from AT&T and put it in the hands of a not-for-profit industry coalition, which would be chartered with shepherding the future development of UNIX and making it available to all under uniform licensing terms. OSF decided to base its version of UNIX on AIX, then moved to the MACH kernel from Carnegie Mellon University, and an assortment of UNIX libraries and utilities from HP, IBM, and Digital. To date, the result of this effort has not been widely adopted or embraced by all the participants. The OSF operating system (OSF/1) was late in coming, so some companies built their own (e.g., IBM's AIX). Others adopted SVR4 after it was released, in part because it was available, and in part because AT&T and Sun went their separate ways - thus ending the threat against which OSF had been rallied.

As of 1996, the UNIX wars are far from settled, but they are much less important than they seemed in the early 1990s. In 1993, AT&T sold UNIX Systems Laboratories (USL) to Novell, having succeeded in making SVR4 an industry standard, but having failed to make significant inroads against Microsoft's Windows operating system on the corporate desktop. Novell then transferred the UNIX trademark to the X/Open Consortium, which is granting use of the name to systems that meet its 1170 test suite. Novell subsequently sold ownership of the UNIX source code to SCO in 1995, effectively disbanding USL.

Although Digital Equipment Corporation provides Digital UNIX (formerly OSF/1) on its workstations, Digital's strongest division isn't workstations, but its PC division. Despite the fact that Sun's customers said that they wanted System V compatibility, Sun had difficulty convincing the majority of its customers to actually use its Solaris operating system during the first few years of its release (and many users still complain about the switch). BSD/OS by BSD Inc., a commercial version of BSD 4.4, is used in a significant number of network firewall systems, VAR systems, and academic research labs. Meanwhile, a free UNIX-like operating system - Linux - has taken the hobbyist and small-business market by storm. Several other free implementations of UNIX and UNIX-like systems for PCs - including versions based on BSD 4.3 and 4.4, and the Mach system developed at Carnegie Mellon University - have also gained widespread use. Figure 1.1 shows the current situation with versions of UNIX.

Figure 1.1: Versions of UNIX

Despite the lack of unification, the number of UNIX systems continues to grow. As of the mid 1990s, UNIX runs on an estimated five million computers throughout the world. Versions of UNIX run on nearly every computer in existence, from small IBM PCs to large supercomputers such as Crays. Because it is so easily adapted to new kinds of computers, UNIX is the operating system of choice for many of today's high-performance microprocessors. Because a set of versions of the operating system's source code is readily available to educational institutions, UNIX has also become the operating system of choice for educational computing at many universities and colleges. It is also popular in the research community because computer scientists like the ability to modify the tools they use to suit their own needs.

UNIX has become popular, too, in the business community. In large part this popularity is because of the increasing numbers of people who have studied computing using a UNIX system, and who have sought to use UNIX in their business applications. Users who become familiar with UNIX tend to become very attached to the openness and flexibility of the system. The client-server model of computing has also become quite popular in business environments, and UNIX systems support this paradigm well (and there have not been too many other choices).

Furthermore, a set of standards for a UNIX-like operating system (including interface, library, and behavioral characteristics) has emerged, although considerable variability among implementations remains. This set of standards is POSIX, originally initiated by IEEE, but also adopted as ISO/IEC 9945. People can now buy different machines from different vendors, and still have a common interface. Efforts are also focused on putting the same interface on VMS, Windows NT, and other platforms quite different from UNIX "under the hood." Today's UNIX is based on many such standards, and this greatly increases its attractiveness as a common platform base in business and academia alike. UNIX vendors and users are the leaders of the "open systems" movement: without UNIX, the very concept of "open systems" would probably not exist. No longer do computer purchases lock a customer into a multi-decade relationship with a single vendor.
