[Info-vax] How dangerous is it to be able to get into DCL supervisor mode ?
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Mon Jul 3 15:56:10 EDT 2017
On 2017-07-03, VAXman- @SendSpamHere.ORG <VAXman- at SendSpamHere.ORG> wrote:
> In article <ojdv9r$t4l$1 at dont-email.me>, Simon Clubley <clubley at remove_me.eisner.decus.org-Earth.UFP> writes:
>>On 2017-07-03, John Reagan <xyzzy1959 at gmail.com> wrote:
>>> Steve's
>>> comment is that once in K,E, or S modes, you have the ability to turn on
>>> any privilege you like which will stay enabled even after you return back
>>> to user mode.
>>>
>>
>>If you can do _that_ in supervisor mode :-(, then I most certainly
>>am not releasing any more information until I've had a chance to
>>explore the crash further. Unfortunately, real life means it's
>>going to be a while before I can really look at it.
>
> I've done an awful lot in supervisor mode. Let me know if/when you think
> you've found something.
>
>>> Taking out the process with DCL bugs has happened from time to time. You
>>> don't get to take out the whole system or access data/files that you don't
>>> have access to. It pretty much is a "you can shoot yourself in the foot,
>>> but can't shoot anyone else's feet".
>>>
>>
>>In light of the possible attack scenario I have just laid out above,
>>and in light of what you have said can be done in supervisor mode,
>>are you still sure about that ?
>
> Let me know when you've figured out how to go from supervisor mode to kernel
> too.
>
That's interesting, Brian, thanks.

You seem to be implying the situation with supervisor mode is closer
to what I've always believed until recently in that supervisor mode
is heavily restricted as far as the privileged modes go and that
even if you could get into it, there wasn't much damage you could do on
a system-wide basis.

However Stephen has suggested more than once recently that if you
can get into supervisor mode, then there's a way to escalate your
access rights even further.

John above has just said pretty much the same thing as Stephen.

As I've mentioned previously, I have never had access to the VMS
source code so I don't know the VMS internals as well as you and
some other people around here do.

As such, I would like to ask those of you here who do have that
level of knowledge, what is the actual situation here ?

Once you manage to get into supervisor mode (regardless of how you
do it), are you constrained from doing any system wide damage
or can you elevate your privileges as John states above or
get into executive/kernel mode as Stephen has stated previously ?

Thanks,

Simon.

--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world