[Info-vax] VMS Privileges Versus Linux Capabilities

[Stephen Hoffman]

On 2016-06-22 21:14:53 +0000, Paul Sture said:

> SETPRV is a special one though.  It doesn't actually go away if you 
> disable it.  Note for the following user SETPRV is enabled in the 
> default privileges, but not in the authorized ones.

Haven't checked this lately, but it used to be that SETPRV in the 
default mask was not honored.  It had to be in the authorized mask.  
Allowing SETPRV from the authorized mask was intended to avoid a user 
ending up nailed by the SET PROCESS /PRIVILEGE=NONE command.  Various 
versions of the IDSM have a write-up on this, and there have been 
previous discussions.

This SETPRV behavior led to a sequence for a username that needs 
privileges initially but you wished to somewhat armor the process 
against subsequent nefarious use of SETPRV: put SETPRV in the default 
mask and not the authorized mask, login with the user, then SPAWN and 
issue the commands requiring privileges, and then log out of the 
subprocess and remove SETPRV.  The SPAWN copied the privilege list from 
the default mask in the parent to the authorized mask in the subprocess.



-- 
Pure Personal Opinion | HoffmanLabs LLC