Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU
Path: utzoo!watmath!clyde!burl!ulysses!ucbvax!GRINNELL.MAILNET!McGuire_Ed
From: McGuire_Ed@GRINNELL.MAILNET
Newsgroups: mod.computers.vax
Subject: shared logical name table security
Message-ID: <8603190839.AA19211@ucbvax.berkeley.edu>
Date: Tue, 18-Mar-86 14:40:00 EST
Article-I.D.: ucbvax.8603190839.AA19211
Posted: Tue Mar 18 14:40:00 1986
Date-Received: Fri, 21-Mar-86 03:32:35 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 7
Approved: info-vax@sri-kl.arpa

I talked to CSC recently about the ACL hole in logical name table security, and
they said that under V4.2 a user gets a privilege violation if she tries to put
an ACL on a group table in a different group, so it is only necessary to
protect LNM$SYSTEM_TABLE (and that the bug would be fixed in V4.3).  But the
mail discussing the security problem in this forum indicates that the bug
applies to group name tables.  What gives?  Has anybody actually tried to break
group tables under V4.2?