#D1Z@DDATHD21.BITNET (11/12/85)
With VAX-VMS Version 4.0, DEC introduced an implementation of
Access Control Lists (ACLs), in that release for files and devices.
In release 4.2 they were extended to logical name tables.
Though the theoretical concept of Access Control Lists gives a high
amount of access security, the realisation in VMS opens some ways for
intruders:
a) A user may set an ACL for the terminal he is logged in on. This
ACL still remains active when he logs out. Since the user may well
have set an ACL which allows him allocation of the terminal, he
then may run a program simulating the Login Process - and acquire
knowledge of the password(s) of privileged users. (If DECnet is
available at that site in question, even a Login Failure may be
simulated automatically!)
b) When a logical name table has neither an owner nor an ACL -
and LNM$SYSTEM has neither by default - anybody may
set an ACL for it allowing him any access he wants. (Note that
if he does not include CONTROL access, he cannot remove the
ACL any more!)
c) Note that if you use file access across DECnet without proxy
accounts (e.g. TYPE NODE"USER PASSWORD"::FILENAME), the password
will be stored in the RECALL buffer, so anyone who may use your
session without your paying attention to it may find some passwords
he should not know of...
Yours
Wilhelm Mueller
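A DCL command procedure that checks for the three conditions above, added here as an example and not part of the original post; it assumes VMS 4.2 DCL syntax (SHOW ACL, SET ACL and RECALL/ERASE) and that every terminal device name matches TT*.

```dcl
$ ! Added example (not from the original post): audit ACLs that persist on
$ ! terminals and on the system logical name table, then clean up before
$ ! logout. Assumes VMS 4.2 DCL; adjust the TT* pattern for other terminals.
$ SET NOON
$ ! Report any ACL left on each terminal device (point a)
$TERM_LOOP:
$   DEV = F$DEVICE("TT*", "TERMINAL")
$   IF DEV .EQS. "" THEN GOTO TERM_DONE
$   WRITE SYS$OUTPUT "ACL on ''DEV'"
$   SHOW ACL /OBJECT_TYPE=DEVICE 'DEV'
$   GOTO TERM_LOOP
$TERM_DONE:
$ ! Report the ACL, if any, on the system logical name table (point b);
$ ! an empty result means anyone may still add one
$ SHOW ACL /OBJECT_TYPE=LOGICAL_NAME_TABLE LNM$SYSTEM
$ ! Before logging out: drop the ACL on your own terminal (point a) and
$ ! scrub NODE"USER PASSWORD":: strings from the RECALL buffer (point c)
$ MYTERM = F$GETJPI("", "TERMINAL")
$ SET ACL /OBJECT_TYPE=DEVICE /DELETE=ALL 'MYTERM'
$ RECALL/ERASE
```

Run the audit part from a privileged account so SHOW ACL can read every device; the two cleanup lines belong in each user's logout procedure.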