EVERHART%ARISIA.DECnet@GE-CRD.ARPA (05/24/88)
In response to several messages: Re DISM32: If you KEEP UP with DECUS stuff, you'd find the current DISM32, WITH sources, on the Fall 1987 VAX SIG tape. It works VERY well on even very non trivial programs. (Did a nice job of quickly reverse engineering the last security patch). Re: PHOTO (and boss, etc.) the spring 1988 VAX tape will have a patched version of PTY driver which will let them all work again. In the meantime, my advice is to set the SYSGEN parameter TTY_PROT to 0 (which will allow the spawns to work) and then add set prot/device commands to your SYSTARTUP to disable world access to all your terminals. (This prevents password grabbers). This won't help too much with spawned devices, so for the time being I'd suggest a short disconnect time or none; I gather (no official info though) that the problem may lie in detached jobs being grabbed via unprotected VT devices and manipulated. When the new PTY driver comes out, the driver will set the ownership of the spawned TPAn and PYAn devices so the subprocess owns them. You can of course modify the driver so their protection mask is just zeroed instead if you like. I suspect the security implications of this for the TPA0/PYA0 driver combo are fairly harmless, as you have channels open to these anyhow. My current guess is that the VAX tape will be of comparable size to the last one. It will fit on a 6250BPI reel, though. The 1987 Languages and Tools tape was submitted to the DECUS library and to the DECUS NLC tree last week.