Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!ames!sdcsvax!ucsdhub!hp-sdd!hplabs!ucbvax!aim.rutgers.EDU!hobbit
From: hobbit@aim.rutgers.EDU.UUCP
Newsgroups: comp.os.vms
Subject: FINGER security hole
Message-ID: <8709020502.AA07959@ucbvax.Berkeley.EDU>
Date: Sat, 29-Aug-87 23:50:00 EDT
Article-I.D.: ucbvax.8709020502.AA07959
Posted: Sat Aug 29 23:50:00 1987
Date-Received: Thu, 3-Sep-87 06:04:17 EDT
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: "*Hobbit*"
Distribution: world
Organization: The ARPA Internet
Lines: 19

Well, the gentleman from the other continent is right; FINGER attempts to
open the user's plan file with sysprv turned on. The fix, of course, is to
clobber the use of priv_user_open for reading anything but the UAF.

*However*: E protection on a directory allows access to the files within by
exact name. Therefore if you really want to protect something, toss it in a
directory whose mode allows group and world to go eat commas.

SET FILE/ENTER, as I've flamed about before, is done completely bass-ackwards
and *wrong*, and should not exist as given. In playing around with ridding
myself of it, I've discovered that it's not enough to simply take handling
for /enter and /remove out of SET.CLD -- this breaks SET FILE completely.
Watch this space for when I figure out how to completely nuke the sys$enter
call.

When the *fuck* is DEC going to give us *properly done* file links??

_H*