From:	CRDGW2::CRDGW2::MRGATE::"SMTP::CRVAX.SRI.COM::RELAY-INFO-VAX" 20-OCT-1989 13:07
To:	MRGATE::"ARISIA::EVERHART"
Subj:	Re: password securith and worms

Received: From CITHEX.CALTECH.EDU by CRVAX.SRI.COM with TCP; Fri, 20 OCT 89 09:34:04 PDT
Received: from soltmp.span by CitHex.Caltech.Edu with VMSmail ;
	Fri, 20 Oct 89 09:39:01 PDT
Date:    Fri, 20 Oct 89 09:39:02 PDT
From: carl%soltmp.span@CitHex.Caltech.Edu (Carl J Lydick)
Message-Id: <891020093902.968@CitHex.Caltech.Edu>
Subject: Re: password securith and worms
To: info-vax@CitHex.Caltech.Edu
X-St-Vmsmail-To: CITHEX::INFO-VAX

 > BTW on the subject of DECNET WORMs, I have a way to protect programs from
 > being executed remotely from the decnet account.  Please someone tell me
 > if I am full of it.
 >  
 > Protect the default decnet directory by changing it to be owned by someone
 > else.  DECNET can still read and write to the directory for netserver.log's
 > and the like but no one can copy to it from remote nodes. Of course decnet
 > is unprivleged. Make sense?? It seams to work, I haven't had the local
 > hackers running there programs across decnet anymore.

Sorry, this won't work.  The remote user can do the following:
	$	DEFINE/SYS X my_.com_file
	$	TYPE yournode::"0=mynode::x"
or:
	$	COPY my_.com_file yournode::"0=SYS$NET:"