[Info-vax] "Trusted" detached processes
IanMiller
gxys at uk2.net
Mon Sep 14 05:35:05 EDT 2009
On Sep 13, 12:19 am, "Richard Maher" <maher... at hotspamnotmail.com>
wrote:
> Hi Ian,
>
> "IanMiller" <g... at uk2.net> wrote in message
>
> news:97da14d0-b5b4-41e6-a7a1-5c0383f73757 at g31g2000yqc.googlegroups.com...
>
> > On 12 Sep, 12:46, "Richard Maher" <maher... at hotspamnotmail.com> wrote:
>
> > Amongst the usual ranting I think there is a technical question - "Is
> > there some disadvantage to using PRC$M_TCB that Richard does not know
> > about?"
> > Is that it?
>
> Well, I liked mine better :-) However, if your succinct distillation is more
> answerable then I'm happy to run with it.
>
> Anyway, I find the prospect of some people actually being as incompetent as
> I have portrayed too frightening to contemplate so I'm half hoping that
> there is something with the TCB flag I missed or, far more appealing, some
> design decision by Rdb, perhaps to position the $setuai in a process that
> will also have to run user-code, has left them ham-strung. (Why don't they
> run loginout.exe for their Execution Servers anyway?)
>
> Cheers Richard Maher
>
> PS. If anyone can find more doc than the following about it then please pass
> a pointer.
>
> /TRUSTED
>
> Specifies that the created process is part of the Trusted
> Computing Base (TCB) and performs its own auditing. The /DETACH
> qualifier is required as well as the IMPERSONATE privilege.
>
> PRC$M_TCB Mark a process as part of the trusted computing base (TCB).
> As such, it is expected to perform its own auditing. IMPERSONATE privilege
> is required.
Setting this flag then sets psb$l_noaudit to non-zero which appears
to suppress some auditing. Apart from that it does not seem to do
anything bad.
More information about the Info-vax
mailing list