[Info-vax] Problem with Filezilla connecting to OpenVMS

Dave Froble davef at tsoft-inc.com
Tue Dec 11 13:40:14 EST 2018 

On 12/11/2018 1:15 PM, Simon Clubley wrote:
> On 2018-12-11, Dave Froble <davef at tsoft-inc.com> wrote:
>> On 12/11/2018 8:39 AM, Bill Gunshannon wrote:
>>> On 12/11/18 8:19 AM, Simon Clubley wrote:
>>>>
>>>> BSS could run privileged programs just fine, but BSS, unlike DCL,
>>>> will never, ever, see the privileges of the program it has just
>>>> started.
>>>>
>>>> The only way for BSS to get privileges is to be run by a privileged
>>>> user.
>>>>
>>>
>>> Well, it's probably a matter of semantics, but a Unix Shell can be
>>> made to run  with privilege when started by an ordinary user, but
>>> that requires using a feature that has been considered dangerous and
>>> a bad idea (even by the man who created it) for a long time.
>>>
>>
>>   From what you're writing, he still created it.  Then the question
>> becomes, how many use the capability.  Perhaps security is based upon
>> usage, regardless of the OS capabilities?
>>
>
> It was a joke David. :-)
>
> To enable the option Bill is thinking of, Brian would already need
> to have root level access.
>
> In VMS land, it would be like saying yes, I can write a program as
> a non-privileged user that runs with full privileges provided you
> give me the password to SYSTEM and then let me use INSTALL to install
> my program will full privileges. :-)
>
> Simon.
>

Our users require SYSLCK.  On VAX it was simple, for me.  On Alpha it 
was much harder, for me.  Ok, Dave's a dummy.  It was still much harder 
for me.

So, there is a UWSS, installed with privs, on every user system.  Can it 
be a security issue?  I don't know.  I will admit that just about 
anything could ultimately be a security issue.

First point, there are users with privs, and they can, and do, install 
images with privs.  It happens.

Second point, which you just don't seem to get.  One does what one has 
to do to get the job done.  Without that, YOU DON'T EXIST!  It's just 
that simple.

So, can there be security issues?  Yes, there can, and most likely are. 
  We do what we can.  Expect more, if you wish to do so.  Doesn't mean 
you're being rational.  Doesn't mean you're going to get any satisfaction.


-- 
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486

More information about the Info-vax mailing list