[Info-vax] Command Procedure Pipe output to a variable

[Scott Dorsey]

Simon Clubley  <clubley at remove_me.eisner.decus.org-Earth.UFP> wrote:
>
>Just one example: the implementation of proxies in DECnet opens up
>a _massive_ security hole in today's world as DECnet was designed
>in a world where you assumed 100% trust in the network and in all
>the devices attached to it.

There are still plenty of networks where you can make that assumption.
The internet is not one.  But not everything is the internet, no matter
how hard the "cloud people" try to make everyone think it is.

A lot of bad things happened in the opening of the internet when protocols
designed that way suddenly had to be used over untrusted links.  Even worse
stuff happened to the telephone network when SS7 was extended onto untrusted
links.  But not all networks have untrusted links.

>The idea that a machine can impersonate a server simply by using the
>same network address without needing any other information such as
>certificates or shared secrets is unacceptable today.

It's certainly unacceptable on the internet, but not everything is the
internet.
--scott

-- 
"C'est un Nagra. C'est suisse, et tres, tres precis."