From: CRDGW2::CRDGW2::MRGATE::"SMTP::CRVAX.SRI.COM::RELAY-INFO-VAX" 7-AUG-1990 05:07:18.85 To: MRGATE::"ARISIA::EVERHART" CC: Subj: old SET RIGHTS problem (was: set proc/priv=all; other questions) Received: by crdgw1.ge.com (5.57/GE 1.70) id AA24843; Mon, 6 Aug 90 19:19:53 EDT Message-Id: <9008062319.AA24843@crdgw1.ge.com> Received: From CUNYVM.CUNY.EDU by CRVAX.SRI.COM with TCP; Mon, 6 AUG 90 12:42:27 PDT Received: from DGOGWDG5.BITNET by CUNYVM.CUNY.EDU (IBM VM SMTP R1.2.2MX) with BSMTP id 0280; Mon, 06 Aug 90 15:39:12 EDT Date: Mon, 6 Aug 1990 18:34:10 +0200 From: "GWDGV1::MOELLER" To: info-vax@sri.COM Subject: old SET RIGHTS problem (was: set proc/priv=all; other questions) Jean-Louis Oneto writes > Date: Fri, 3 Aug 90 04:38:27 EDT > Subject: re: set proc/priv=all: other questions > > Hi net ! > I WILL resist to the temptation of add more examples of problems caused by > too much/not enough privileges for the dumb sys mgr/smart user... >[...] > $ set proc/priv=all >[...] > $ set right/id=/attribute=resource > and I get a suberb message of: you need CMKRNL to change rightlist... >[...] > This afternoon I tried to reproduce the set right problem, with an > other username, another id, without the resource attribute, and I got this > time a message: no such identifier. I checked the id and it's well here, > I hold it, I can ena/disable it to my process... Congratulations, you have discovered a truly old and somewhat mysterious VMS bug that has been with the SET RIGHTS command ever since its creation. I think it's time to post the relevant SPR of mine: ------- SPR REPORT (M-VAX-4421S) Operating System: VAX/VMS 4.5 Date: 20-MAY-1987 Bad privilege check in SETRIGHTS Description: The DCL command $ SET RIGHTS grants/revokes non-dynamic identifiers to/from another process iff the *target* process has CMKRNL privilege. It does not check the privileges of the *caller*. For example, if you have WORLD privilege, you can grant the ERRFMT process any identifier. If the target process does not have CMKRNL privilege, the failure status erroneously says "invalid identifier". -------- Let me explain the "mysterious" point: I discovered the bug from reading the fiches (on the day given), when there was the word of a security hole in 4.5 and I was trying to find it for myself. Soon I learned that the incredible 4.5 SECURESHR.EXE was the problem that everyone talked about at that time (fixed by DEC's first security update). Anyway, I took this bug rather seriously, SPR'ed it and never got a reply (in spite of talking to several people at the German support centers). Some time later, another security update was distributed (under VMS 4.7 already, I think), which in fact did contain a new SETRIGHTS.EXE, but it did not fix the above bug, but something that I still believe to be a non-problem (correct me if I'm wrong). The behaviour of SETRIGHTS never changed, so by and by I lost the conviction that the above is a security problem ... Wolfgang J. Moeller, GWDG, D-3400 Goettingen, F.R.Germany | Disclaimer ... Bitnet/Earn: U0012@DGOGWDG5 Phone: +49 551 201516 | No claim intended