Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!cmcl2!rutgers!ucla-cs!zen!ucbvax!IAGO.CALTECH.EDU!gea
From: gea@IAGO.CALTECH.EDU (Gary Ansok)
Newsgroups: comp.os.vms
Subject: Re:  installed images and security
Message-ID: <870828122253.034@Iago.Caltech.Edu>
Date: Fri, 28-Aug-87 15:23:31 EDT
Article-I.D.: Iago.870828122253.034
Posted: Fri Aug 28 15:23:31 1987
Date-Received: Sun, 30-Aug-87 06:21:51 EDT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 22

> Some time ago we installed the FINGER program. We did not 
> see any security problem in installing FINGER with SYSPRV 
> privilege, because the only files FINGER accessed were 
> SYSUAF.DAT (to get the last-login date) and FINGER.PLN in a 
> user's home-directory.

FINGER should keep its SYSPRV turned *off* except when absolutely
necessary (such as accessing SYSUAF.DAT).  There is no need for
a program to use SYSPRV to access FINGER.PLN files; if users keep
their FINGER.PLN files protected, it's their choice (and their problem
when everyone else starts complaining).  If you have novice users in
an environment where the default is protected files, then a .COM file
can be used when they update their FINGER.PLN files to unprotect the
files.

Privileged programs keeping privileges turned off except when necessary
is only one form of paranoia that installed programs should exhibit.
Several others have been mentioned in this list from time to time;
perhaps someone out there has kept a summary.

	Gary Ansok
	gea@romeo.caltech.edu      -or-       ansok@scivax.arpa