info-vax@ucbvax.ARPA (07/10/85)
From: Richard Garland <OC.GARLAND%CU20B@COLUMBIA.ARPA> The privileged program that translates the logical name should specify which table (SYSTEM, JOB, GROUP etc) and which access mode (USER, SUPER, EXEC) to be used in the translation. Documentation on SYS$TRNLNM tells how to do this. The unprivileged user will (presumably) not be able to define names in the SYSTEM table so you will be safe. Another possible loophole to protect is when RMS opens a file using a logical name. Say a program reads SYS$SYSTEM:SYSUAF.DAT and gets the file via the logical name SYSUAF. RMS can be told to use only privileged mode logical names in such a case if you set a bit in one of the control blocks using a USEROPEN (from fortran) or directly when you do the $OPEN from Macro. The bit is documented in the RMS manual which describes all those RMS bits. Rg -------
info-vax@ucbvax.ARPA (07/12/85)
From: <#D14%DDATHD21.BITNET@WISCVM.ARPA> I want to access one special file from a priviledged image. Under VAX/VMS V3.x I used _DRA0:<DIR>FILE.EXT and no logical name translation was done. But under VAX/VMS V4.x the underscore in front of the device name no longer signals that no translation should be performed. There are some new features like $ DEFINE /SYSTEM /TRANS=TERM DISK DRA0: but the user can redefine DISK with $ DEFINE /TRANS=TERM DISK DRA0: So I modified LNM$FILE_DEV in the table LNM$SYSTEM_DIRECTORY but the user can redefine LNM$FILE_DEV in the table LNM$PROCESS_DIRECTORY. Is there a possibility to define something that cannot be redefined. Reinhard Goeth @ Technical University Darmstadt, W.Germany, Europe (Beware of the number-sign. It's part of my userid !!!)