[Info-vax] login information capture
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Wed Feb 19 11:59:58 EST 2014
On 2014-02-19 16:39:20 +0000, pcoviello at gmail.com said:
> it looks like they could just hit return and not put anything in with
> restricted on :-(
The SYSUAF RESTRICT setting on the username involved has nothing to do
with how much text might be input by the user. If any. That's
completely independent.
Even if you decide to test the text content or text length or other
attributes, there's no reasonable way to differentiate whether the
reason string is reasonable and semantically valid, or just random
text. Well, short of performing grammar analysis or such — simple
Bayesian won't get you there — and that sort of processing is a little
much for a typical DCL procedure. Some reasons will be cryptic. Some
humorous. Even grammar analysis would have trouble with "fx rx efi ipb
vms boot err", which could be perfectly reasonable for some support
vendor connecting into the server, for that matter.
Included mostly for humor value, there's
<http://www.commitlogsfromlastnight.com> — same general problem arises
there.
The READ would need an /ERROR or /END_OF_FILE to specifically process
^Z input, as well.
If you really want to know who is accessing and why, then you're likely
headed for some form of two-factor authentication, and that's not what
you had originally asked for.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list