BROSSEAU%SECAD1@engvax.scg.hac.COM ("LISA M. BROSSEAU") (09/24/87)
I have been playing around with the program PASS that was put out on the net. I like the idea of forcing users with expired passwords to change them before they are able to logout,but I am having some problems with PASS. Prob.#1 If the user has other flags set in the UAF besides pwdexpired PASS will not realize that the pwdexpired bit is set. I set up the program so that it uses a mask to check the bit so even if other flags are set the program will work. Prob. #2 The com file that PASS invokes seems fine, but it doesn't prevent people from ctrl-ying out of the set password command. I tried setting nocontrol=(y,c) but the user can still ctrl-y out of the command. Below is a copy of the com file as I have set it up. I would like to figure out how to disallow users from using control-y to escape the trap. I noticed that $status comes back as %X10000001 when the password has been changed correctly and as %X00000001 when ctrl-y has been used. $severity comes back as 1 no matter which of the above conditions exists. Can anyone give me some input on how to really disable control-y for this situation.??? I have already tried the on control_y command and the set nocontrol=y. $ !----------------------------------------------------------------------------- $!***** $!***** SETPASS.COM invoked by the INSTALLed image SYS$SYSTEM:PASS.EXE $!***** $ SET NOON $ DEFINE/NOLOG SYS$INPUT TT $ set nocontrol=Y $ set nocontrol=c $SET_PASS: $ SET NOON $ ON ERROR THEN GOTO SET_PASS $ WRITE SYS$OUTPUT - "You must change your password. Now invoking SET PASSWORD for you..." $ write sys$output "" $ write sys$output "" $ SET PASSWORD $! write sys$output $status $ IF $status THEN goto changed $ goto set_pass $ changed: $ WRITE SYS$OUTPUT "Password change successful" $ EXIT $!------------------------------------------------------------------------- thanks Lisa Brosseau Hughes Aircraft Co. Newport Beach BROSSEAU%SECAD1.HAC.COM@YMIR.CLAREMONT.EDU BROSSEAU%SECAD1.HAC.COM@YMIR.BITNET BROSSEAU%SECAD1.HAC.COM@YMIR.CLAREMONT.EDU@WISCVM.WISC.EDU (I hope one of these addresses works.)
cetron@CS.UTAH.EDU (Edward J Cetron) (09/26/87)
well, as usual, I forgot to snarf pass as it came by....and now I need it... is it available by ftp??? Or if you have it and can send it, Please send mail (not the code yet).... Thanks, ed cetron center for engineering design univ of utah cetron@cs.utah.edu cetron@utahcca.bitnet