[Info-vax] How would you load balance excess webserver traffic between multiple OpenVMS servers?
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Wed Jan 13 14:24:48 EST 2021
On 2021-01-13, Dave Froble <davef at tsoft-inc.com> wrote:
> On 1/13/2021 8:17 AM, Simon Clubley wrote:
>> On 2021-01-12, ultr... at gmail.com <ultradwc at gmail.com> wrote:
>>> On Tuesday, January 12, 2021 at 1:49:51 PM UTC-5, Simon Clubley wrote:
>>>> On 2021-01-12, ultr... at gmail.com <ultr... at gmail.com> wrote:
>>>>>
>>>>> and again assuming what you say is true you just shot down using OpenVMS for any web services.
>>>> Sokath, his eyes open!
>>>>
>>>> For a more detailed reply, see Arne's reply. I agree with everything
>>>> in there.
>>>
>>> well somebody better tell Mark Daniel he just wasted 20 years of his life developing WASD for nothing. :)
>>
>> Even the early versions of WASD had glaring security flaws that survived
>> for years in the wild and which were only found when someone decided to
>> do some security probing of WASD.
>>
>> You know, the same kind of probing that I did for DCL and which revealed
>> a decades-old disastrous security flaw in DCL ?
>
> "DISASTROUS!?
>
> Could you provide documentation on several of the disasters?
>
Well, I would call a non-privileged user on VAX and Alpha being able
to get full control of the system from the DCL prompt disastrous.
As for WASD, the most glaring security flaw I remember was a directory
traversal flaw but there were several other issues identified.
The point I am making David is that outside parties probing a system
or application can reveal security flaws that have been around for years
whether that's a glaring security flaw such as the directory traversal
flaw in WASD or a disastrous flaw in DCL.
There is a problem in the VMS world where some people think that because
no-one has bothered to look for vulnerabilities, then that means there
are no vulnerabilities to be found.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list