02335@UWAV4.BITNET (03/21/86)
Subject: VMS security -- shared logical name table security >From: McGuire_Ed%GRINNELL.Mailnet@MIT-MULTICS.ARPA >I talked to CSC recently about the ACL hole in logical name table security, and >they said that under V4.2 a user gets a privilege violation if she tries to put >an ACL on a group table in a different group, so it is only necessary to >protect LNM$SYSTEM_TABLE (and that the bug would be fixed in V4.3). But the >mail discussing the security problem in this forum indicates that the bug >applies to group name tables. What gives? Has anybody actually tried to break >group tables under V4.2? ============================================================================= I have used group tables under VMS 4.2 to steal privileges. I think that you have misunderstood the problem. The ACL bug does NOT allow you to use group tables outside of your group. What it does is allows you to use YOUR group table just as if you had GRPNAM privilege. So the problem occurs when there are privileged and non-privileged accounts in the same group. If this is so, any of the users in that group can set up logicals that affect the privileged users. This is the same problem with the Sytem table. (i.e. unprived accounts can set up logical that affect privileged accounts). So it is important for security purposes that you protect the group table for all groups that have privileged and non-privileged accounts in them. I have also heard rumor that VMS 4.3 fixes all of this... Anthony R. Andrea Engineering Computer Services University of Washington BITNET: 02335 at UWAV4 ARPA/CSNET: 02335%uwav4.bitnet@wiscvm.arpa DECnet: VAX4::02335 Phone: (206)543-0499 Mail: Computer Services 374 Loew Hall, FH-10 University of Washington Seattle, WA 98195