From:	CSBVAX::CSBVAX::MRGATE::"SMTP::CRVAX.SRI.COM::RELAY-INFO-VAX"  4-MAR-1989 17:25
To:	MRGATE::"ARISIA::EVERHART"
Subj:	Re: Wollongong WIN/TCP 5.0 gotcha 


Received: From KL.SRI.COM by CRVAX.SRI.COM with TCP; Sat,  4 MAR 89 14:02:53 PDT
Received: from TGV.COM by KL.SRI.COM with TCP; Sat, 4 Mar 89 13:42:00 PST
Date:     Sat, 4 Mar 89 13:40:26 PST
From:     adelman@TGV.COM (Kenneth Adelman)
Reply-To: Adelman@TGV.COM (Kenneth Adelman)
Message-Id: <890304134026.5a@TGV.COM>
Subject:  Re: Wollongong WIN/TCP 5.0 gotcha 
To:       wilsonjl@hqhsd.brooks.af.mil
cc:       info-vax@kl.sri.com

> A temporary (and unsatisfactory) solution was to grant the MAILER account
> SYSPRV. Sounds like a bug in the WINS_MAILSHR image to me.

    Under VMS V4 MAIL.EXE was installed with SYSPRV, which had the
side effect that you could write xxx_MAILSHR images which used and
required SYSPRV to run.

    Under VMS V5 MAIL.EXE is no longer installed with SYSPRV. In our
TCP product we had to modify parts of our SMTP_MAILSHR image to run in
executive mode to accomplish the necessary privileged operations
without allowing someone to breach system security. We install our
SMTP_MAILSHR /PROTECTED so it can get its own CHME vector.

    As a temporary workaround until you have a vendor-supplied
solution, you might also try re-installing MAIL.EXE with the necessary
privs. This makes an assumption that DEC didn't remove the code which
made it safe to install MAIL.EXE with SYSPRV, so you might want to try
to EXTRACT a message into a file which you otherwise wouldn't have
privs to write to determine if you are adding a security hole by doing
this.

						    Kenneth Adelman
						    TGV, Incorporated