Xref: utzoo comp.sys.dec:4415 comp.dcom.lans:6427
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!rpi!bu.edu!polygen!rbraun
From: rbraun@polygen.uucp (Richard Braun)
Newsgroups: comp.sys.dec,comp.dcom.lans
Subject: DECnet task-to-task programming
Message-ID: <873@fred.UUCP>
Date: 2 Nov 90 15:17:02 GMT
Reply-To: rbraun@spdcc.com (Richard Braun)
Organization: Polygen Corporation, Waltham, MA
Lines: 18

I'm developing a DECnet task-to-task interface for a distributed
Unix application being ported to VMS.

The code I've written uses DECnet nontransparent operations, and
declares a server as a named object.

The problem?  Named DECnet objects under VMS require the SYSNAM
privilege.  Clients of the application probably don't want to hand
out SYSNAM privilege to every user, because this privilege allows
for all manner of "trojan horse" security holes.

Question:  under DECnet, how to I initiate a task-to-task
connection *between two existing processes* (a la Berkeley sockets)
without having to resort to named objects?  If I have to use named
objects, can I get around the security problem some other way?

thanks,
-rich