[Info-vax] Assembly languages

Tue Apr 12 21:10:02 EDT 2022

In article <t354r6$eth$1 at dont-email.me>, Stephen Hoffman <seaohveh at hoffmanlabs.invalid> writes:
>On 2022-04-12 21:09:18 +0000, Dave Froble said:
>
>> On 4/12/2022 1:34 PM, Simon Clubley wrote:
>> 
>>> The key question is this: Can a non-privileged user who gets code they 
>>> control running in supervisor mode come up with a way to switch to from 
>>> supervisor mode to executive mode or kernel mode ?
>> 
>> No, unless, there is some bug, and any bugs in any code pretty much 
>> calls off any talk of security.
>> 
>> Yes Simon, you found a bug, and it has now been fixed.  Can you still 
>> use the same exploit?
>> 
>> Unless you find another bug, then a non-prived user cannot gain privs, 
>> unless they are granted to that user or process.
>
>Supervisor mode is a trusted mode.
>
>Absent redesigning how an OpenVMS command interpreter works, obtaining 
>full privileges from arbitrary supervisor mode code is feasible.
>
>There's no bug here.
>
>I explained how this path worked to an OpenVMS developer some years ago.
>
>Them: ðŸ˜³

Simply from the virtue of being SUPERVISOR?  If that were true, then what of
USER mode?

-- 
VAXman- A Bored Certified VMS Kernel Mode Hacker    VAXman(at)TMESIS(dot)ORG

I speak to machines with the voice of humanity.