Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-lcc!ames!ucbcad!ucbvax!murdu.OZ.AU!u3369429
From: u3369429@murdu.OZ.AU (Michael Bednarek)
Newsgroups: mod.computers.vax
Subject: Re: Mail Enhancement To Eliminate SPAWN Command.
Message-ID: <8703180036.26962@murdu.OZ>
Date: Wed, 18-Mar-87 10:36:06 EST
Article-I.D.: murdu.8703180036.26962
Posted: Wed Mar 18 10:36:06 1987
Date-Received: Fri, 20-Mar-87 01:10:21 EST
References: <8703161912.AA04523@linc.cis.upenn.edu>
Sender: daemon@ucbvax.BERKELEY.EDU
Followup-To: mod.computers.vax
Distribution: world
Organization: I.A.E.S.R., Melbourne University
Lines: 24
Keywords: MAIL SPAWN Captive
Approved: info-vax@sri-kl.arpa
Summary: Why do it simply if there is a complicated way?

In article <8703161912.AA04523@linc.cis.upenn.edu>
CLAYTON@xrt.upenn.EDU ("Paul D. Clayton") writes:
>Being in a banking environment with over 500 users [...] 
>The other MAJOR problem being in the banking environment is one of security 
>[...] each has a login menu that presents them with access to what they need.
>[...] The idea of, 'give me SETPRV and I'll take what I need' 
>[...] people getting to DCL through MAIL and 
>traveling around the system with excessive privileges. 

The mind shudders.
Why not install those images with privileges? When the image exits, the user
is left with her/his default privileges.

>I can live with, to a limited degree, this attitude if the user can never 
>get to the DCL prompt. Alas this is (was) my beef with the VMS MAIL program, 
>and its providing the SPAWN command. 

Why not do the obvious and make every account CAPTIVE (UAI$V_CAPTIVE) ???
Apart from the fact that without it every one of your users can login without
executing your smart login menu, it will also disable SPAWN from within MAIL.

Really, I can't believe you are running your system with non-captive accounts.

Michael Bednarek (u3369429@murdu.oz.au)