[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference iosg::all-in-1_v30

Title:*OLD* ALL-IN-1 (tm) Support Conference
Notice:Closed - See Note 4331.l to move to IOSG::ALL-IN-1
Moderator:IOSG::PYE
Created:Thu Jan 30 1992
Last Modified:Tue Jan 23 1996
Last Successful Update:Fri Jun 06 1997
Number of topics:4343
Total number of notes:18308

2165.0. "HOW TO PROTECT DRAWERS AGAINST PRIVILIGED USERS" by COL01::KLOCKE () Wed Jan 27 1993 19:58

T.RTitleUserPersonal
Name		DateLines
2165.1If you don't trust people - take their privs away!IOSG::PYEGraham - ALL-IN-1 Sorcerer's ApprenticeWed Jan 27 1993 22:1930
    Generally speaking, privileged users will be able to read anything they
    like anyway. All you can do is make it a bit harder for them, and stop
    them stumbling across interesting things.
    
    If you can't trust your privileged users, take their privileges away.
    If you can't do that, remind them that using their privileges to read
    someone's mail is the same as searching through the paper mail in their
    desk. Both of these are offences you can be fired form the company for.
    
    You can still do a loop through the partition file looking for
    interesting things.
    
    Regarding FDLs, they don't need the owner field at all IMO, I'd remove
    it completely. We try to remove them from any FDLs we ship if possible.
    
    Your command procedure OA$LIB_SHARE:GETPRV.COM can be simplified by
    testing for all privileges at once:
    
      $ Prv_value = f$priv("SYSPRV") .or. f$priv("BYPASS") .or. f$priv("GRPPRV")
    
    Similarly your ALLIN1.COM procedure can be simplified using the F$SETPRV
    lexical:
    
    	Saved_privs = f$setprv( "NOSYSPRV,NOBYPASS,NOGRPPRV" )
    
    resetting them with:
    
    	Dummy = f$setprv( Saved_privs )
    
    Graham
2165.2Fire the mail hackersGTI205::REDMONDThoughts of an Idle MindThu Jan 28 1993 14:048
I agree with GAP.  If your privileged users are messing around then they 
should be fired.  Making this a company policy usually cures the desires of 
hot sweaty hackers who engage in this kind of activity. Anyone with privs 
and a knowledge of FOR PARTITION... and CABINET SET_DRAWER can easily get 
around the command procedure check.  But maybe you're just blocking the DCL 
types who use ALL-IN-1 rarely and couldn't care about scripting and the like? 

Tony
2165.3Protect Users to become a spyCOLA1::KLOCKEThu Jan 28 1993 19:4911
2165.4Two more holes detectedCOL01::KLOCKEWed Feb 17 1993 16:5932
2165.5I think it is too easyIOSG::TALLETTGimmee an Alpha colour notebook...Wed Feb 17 1993 22:5414
    
    	In contrast to the comments of "Take away their privs if you
    	don't trust them" I quite like the idea of separating ALL-IN-1
    	access from VMS access. True, someone with CMEXEC can access
    	anything on a given machine, but why make it easy for them? Not
    	everyone has the time/patience/know-how. Its a bit like locking
    	your drawers in your desk and leaving the keys on a hook on the
    	wall. It raises the stakes if you get caught.
    
    	I don't believe most people with BYPASS were given it so that they
    	could SMU to everyone's account.
    
    Regards,
    Paul