Date: Mon, 1 Jun 1998 10:41:45 +0300 (IDT)
From: Nadav Eiron <nadav@cs.technion.ac.il>
To: David Greenman <dg@root.com>
Cc: Terry Lambert <tlambert@primenet.com>, abial@nask.pl, freebsd-hackers@FreeBSD.ORG
Subject: Re: Signed executables, safe delete etc.
Message-ID: <Pine.GSO.3.95-heb-2.07.980601103415.4910C-100000@csd>
In-Reply-To: <199806010018.RAA09016@implode.root.com>
On Sun, 31 May 1998, David Greenman wrote:

> As I was a VMS user and kernel software developer for 10 years prior to
> hacking on Unix source, I'm quite familiar with how VMS works both internally
> and externally. The linker in VMS is not installed with any special privilege
> and any user can make a binary executable. A user, for example, can use kermit
> or other file transfer utility to copy over a VMS executable and as long as
> the file record type is correct (fixed, 512 byte records) and he sets the
> execute permission (set file/prot=exec...I'd mention the system call to do
> this if I could remember it), he can execute it.

If you have BYPASS priv, then even this is not necessary. You simply run
it.

> As I mentioned above, the SYSPRIV privilege allows the process to access
> resources as if he had a system UIC. There are 4 sets of permissions bits
> in VMS: user, system, group, and world. A system UIC is (usually) a UIC that
> has a group number that is less than 9. If you have a system UIC or you
                             ^^^^^^^^^^^
VMS UICs are in octal (usually). A system UIC is one that has group < 10
(octal), or less than 8 if you happen to favor decimal notation...

> have SYSPRIV, then you can access files and directories using the "system"
> permissions bits, which usually default to RWED (all access). If your program

Well, the default is something *you* set (with SET PROT/DEFAULT), so it's
really up to you.

> required SYSPRIV, then you apparently had some sort of permissions problem -
> perhaps you created the file with the wrong permissions to start with (no
> user/group/world access) and this caused the subsequent syscall to set the
> file executable to fail. One Can Only Imagine.
> In any case, your statements regarding the linker and file executability
> are simply wrong.

Not to mention VMS's ability (on vintage VAXs only, though) to run PDP-11
RSX executables (which are obviously not created with the VMS linker).
A nice trick to play on a new person in a VMS shop (well, nowadays you'll
have to dig for a VAX - it doesn't work in OpenVMS/Alpha) is the
following:
1. Put a program that does something nasty in SYS$SYSTEM:RSX.EXE
2. Ask the innocent user to do RUN LOGIN.COM (or any other text file, the
   really creative can ask him to run the C source of a program...).

VMS, not recognizing the image as a VMS executable, will (not always,
depending on the record format and the first few characters of the file)
try to run the image as an RSX image. Thus, it loads SYS$SYSTEM:RSX.EXE (to
start PDP emulation mode), and the newbie gets what he deserves... :-)

Try this on someone! People fall for it every time, trying to find out how
come they can run their *source* code, and why it fails...

>
> -DG
>
> David Greenman
> Co-founder/Principal Architect, The FreeBSD Project
>

Nadav