KVC@engvax.UUCP (09/18/85)
I have come across some changes in the way shareable images work in VMS V4.2
that I thought I should share with the group.
Imagine for the moment you have an executable image A linked with a shareable
image B. Neither the shareable image nor the executable program are INSTALLed
nor do they require privileges to run. Under VMS 4.1 everything works fine.
Under VMS 4.2 we had problems with applications aborting with the error:
PRIVINSTALL, Shareable images must be installed to run privileged image
In addition, if the shareable image is accessed through a logical name (we
do this to avoid cluttering SYS$SHARE and to allow us to dynamically swap
between shareable images to use a graphics library that has different images
for each terminal type) the logical name must be in EXEC mode.
This behaviour is normal under previous versions of VMS if the image A was
installed with privileges. This is a security requirement so that Joe user
cannot run a prived program with his own shareable image.
Under 4.2, this requirement has extended to cover any image for which the
user has execute only access (eg. W:E protection on the .EXE file itself).
In other words, if the user does not have READ access to the disk file of
the executable image (A in my example above) then that image is treated very
much like an image that has been installed with privileges when it comes
time to activate shareable images. Simply granting R access fixes this.
You could also install the shareable image and use EXEC mode logical names,
but for a non-prived image we did not want to waste the space for this.
In summary, this brings up a gripe I've had with VMS for quite awhile.
What good is execute-only access? Sure, I can set files up with execute-only,
but nothing seems to work if I do that. In V3 images that you thought
were being shared weren't (remember when that release of BASIC protected
BASIC.EXE incorrectly and people found their system's brought to their
knees with 5 copies of BASIC.EXE in memory at once?). In V4 you at least
get errors if you try to install it and it's not readable. Now you can't
even protect images that aren't installed such that they aren't readable if
they use a shareable image. Shareable images are far too useful and valuable
(witness my graphics library trick described above!) for me to stop using
them, but in many cases I need to restrict copies of .EXE files for licensing
or disk-space reasons.
Any comments? (Yes, I called Telephone Support before complaining to the net)
/Kevin Carosso engvax!kvc @ CIT-VAX.ARPA
Hughes Aircraft Co.