[Info-vax] Unexpected DECnet Phase IV functionality with possible captive account implications
Tad Winters
tad.vms at gmx.com
Wed May 12 16:49:46 EDT 2021
On 5/12/2021 5:10 AM, Simon Clubley via Info-vax wrote:
> On 2021-05-11, Dave Froble <davef at tsoft-inc.com> wrote:
>> On 5/11/2021 10:44 AM, Stephen Hoffman wrote:
>>>
>>> It's a way of directly activating hunks of a captive environment that
>>> might not be accessible directly.
>>
>> Only if those "hunks" exist.
>>
>
> As I have already mentioned, someone can also copy a command procedure
> of their choosing to the captive account using FAL and then execute the
> command procedure using one of the two methods.
>
> Simon.
>
If you don't want that, set the ownership/protection on the command
procedure so that it cannot be overwritten.
Certainly you don't expect FAL to be implemented to determine if the
target file is a command procedure used as part of the potential group
of command procedures called from a CAPTIVE account, do you?
More information about the Info-vax
mailing list