[Info-vax] DCL vulnerability write up on The Register
Jan-Erik Soderholm
jan-erik.soderholm at telia.com
Sun Feb 18 03:50:58 EST 2018
Den 2018-02-18 kl. 09:16, skrev Phillip Helbig (undress to reply):
> In article <dfe3065f-4c98-475a-9b37-816728722413 at googlegroups.com>,
> neillclift at gmail.com writes:
>
>> On Tuesday, February 6, 2018 at 5:07:40 AM UTC-8, Simon Clubley wrote:
>>> The DCL vulnerability now has an article at The Register:
>>>
>>> https://www.theregister.co.uk/2018/02/06/openvms_vulnerability/
>>>
>>
>> Is this some kind of joke? The article suggests getting from
>> supervisor to kernel is something of a big deal when I was doing this
>> 25+ years ago by activating a privileged image from supervisor and
>> borrowing it's privileges.
>
> The headline describes VMS as "the operating system world's elderly
> statesman". First, "elder", not "elderly". Second, hyphenate
> "operating-system" since it is a compound adjective here. The writer
> can't even master the basic elements of English style. What do you
> expect?
>
> The "main thread here id dodgy or bribed employees seeking to commandeer
> systems, rather than outside hackers"? Probably most in a position to
> exploit the bug would have privs anyway.
>
I do not know of VMS systems in general, but on our boxes no non-prived
users has access to DCL. They are all "captive" within the menu system.
More information about the Info-vax
mailing list