Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU
Path: utzoo!decvax!decwrl!pyramid!hplabs!ucbvax!sneezy.UUCP!
From: @SNEEZY.UUCP (cmf)
Newsgroups: mod.computers.vax
Subject: Re: shared logical name table security
Message-ID: <8603241105.AA27788@ucbvax.berkeley.edu>
Date: Sun, 23-Mar-86 14:08:07 EST
Article-I.D.: ucbvax.8603241105.AA27788
Posted: Sun Mar 23 14:08:07 1986
Date-Received: Mon, 24-Mar-86 19:03:49 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 14
Approved: info-vax@sri-kl.arpa

What CSC told you is true.  However, there is another problem.  If a
group has both privileged and non-privileged users in it, it is possible
for a non-privileged user to disrupt a privileged user by placing an
ACL on the group logical name table, and then adding logical names
such as SYS$SYSTEM: -> SYS$USERDISK:[MYDIR],SYS$SYSROOT:[SYSEXE]
and other awful things.  If you really intend to be security concious,
these are openings you must be aware of, and take steps to close.
The only way I know of to fix this is to run a detached process from
SYSTARTUP in the given group, which will place the ACL the system
manager wants on the table, thus thwarting any further attempts.

				Carl Fongheiser
				...!decvax!cwruecmp!sneezy!cmf
				cmf%sneezy%case@CSnet-relay.ARPA