[Info-vax] The best VMS features, was: Re: openvms renaming file
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Mon May 28 16:33:32 EDT 2018
On 2018-05-28, Johnny Billquist <bqt at softjar.se> wrote:
> On 2018-05-28 21:15, Simon Clubley wrote:
>> On 2018-05-28, Arne Vajhøj <arne at vajhoej.dk> wrote:
>>> On 5/28/2018 1:56 AM, Simon Clubley wrote:
>>>>
>>>> For one obvious example, what exactly is the point of having both
>>>> CMEXEC and CMKRNL privileges on VMS, given how VMS is designed ?
>>>>
>>>> Because of that design, CMEXEC is completely and utterly redundant
>>>> and is just artifical complexity (and a false sense of security).
>>>
>>> I don't think it is.
>>>
>>> It was never intended to be a security feature where getting from EXEC
>>> to KRNL required something special.
>>>
>>> But it did and still does provide two levels of access for code,
>>> that protects against coding errors (but not against malicious code).
>>>
>>
>> All you need to do is to give the user or program CMKRNL privilege and
>> let the program switch into executive mode instead because when you
>> give the user or program CMEXEC privilege, what you are really giving
>> them is CMKRNL privilege.
>>
>> CMEXEC is utterly redundant within VMS as currently implemented.
>
> How about you actually listen and understand what someone said? The use
> case Arne brought up is perfectly valid.
>
I understood what Arne said - he's missed what I am saying. You don't
need CMEXEC privilege to get into executive mode. You can do it with
CMKRNL privilege:
http://h41379.www4.hpe.com/doc/84final/4527/4527pro_017.html
and further more, if you can switch into executive mode with CMEXEC
privilege you can also get into kernel mode without needing CMKRNL
privilege. From the above URL:
|For example, $CMKRNL bypasses the check for CMKRNL privilege that is normally
|required when $CMKRNL is called from executive mode, and $SETPRV calls are
|processed without SETPRV privilege when called from executive or kernel mode.
Like I said, CMEXEC privilege is completely and utterly redundant
within VMS as currently implemented.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
More information about the Info-vax
mailing list