Date:      Mon, 1 Jun 1998 10:41:45 +0300 (IDT)
From:      Nadav Eiron <nadav@cs.technion.ac.il>
To:        David Greenman <dg@root.com>
Cc:        Terry Lambert <tlambert@primenet.com>, abial@nask.pl, freebsd-hackers@FreeBSD.ORG
Subject:   Re: Signed executables, safe delete etc. 
Message-ID:  <Pine.GSO.3.95-heb-2.07.980601103415.4910C-100000@csd>
In-Reply-To: <199806010018.RAA09016@implode.root.com>



On Sun, 31 May 1998, David Greenman wrote:

>  As I was a VMS user and kernel software developer for 10 years prior to
> hacking on Unix source, I'm quite familiar with how VMS works both internally
> and externally. The linker in VMS is not installed with any special privilege
> and any user can make a binary executable. A user, for example, can use kermit
> or other file transfer utility to copy over a VMS executable and as long as
> the file record type is correct (fixed, 512 byte records) and he sets the
> execute permission (set file/prot=exec...I'd mention the system call to do
> this if I could remember it), he can execute it.

If you have BYPASS priv, then even this is not necessary. You simply run
it.

>  As I mentioned above, the SYSPRIV privilege allows the process to access
> resources as if he had a system UIC. There are 4 sets of permissions bits
> in VMS: user, system, group, and world. A system UIC is (usually) a UIC that
> has a group number that is less than 9. If you have a system UIC or you
                             ^^^^^^^^^^^
VMS UICs are in octal (usually). A system UIC is one that has group < 10
(octal), or less than 8 if you happen to favor decimal notation...
                         
> have SYSPRIV, then you can access files and directories using the "system"
> permissions bits, which usually default to RWED (all access). If your program

Well, the default is something *you* set (with SET PROT/DEFAULT), so it's
really up to you.

> required SYSPRIV, then you apparently had some sort of permissions problem -
> perhaps you created the file with the wrong permissions to start with (no
> user/group/world access) and this caused the subsequent syscall to set the
> file executable to fail. One Can Only Imagine.
> In any case, your statements regarding the linker and file executability
> are simply wrong.

Not to mention VMS's ability (on vintage VAXs only, though) to run PDP-11
RSX executables (which are obviously not created with the VMS linker). A
nice trick to play on a new person in a VMS shop (well, nowadays you'll
have to dig for a VAX - it doesn't work in OpenVMS/Alpha) is the
following:

1. Put a program that does something nasty in SYS$SYSTEM:RSX.EXE
2. Ask the innocent user to do RUN LOGIN.COM (or any other text file, the
really creative can ask him to run the C source of a program...).

VMS, not recognizing the image as a VMS executable, will (not always,
depending on the record format and the first few characters of the file)
try to run the image as an RSX image. Thus, it loads SYS$SYSTEM:RSX.EXE (to
start PDP emulation mode), and the newbie gets what he deserves... :-)

Try this on someone! People fall for it every time, trying to find out how
come they can run their *source* code, and why it fails...

> 
> -DG
> 
> David Greenman
> Co-founder/Principal Architect, The FreeBSD Project
> 
Nadav

