Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!mit-eddie!ll-xn!ames!ucbcad!ucbvax!VENUS.YCC.YALE.EDU!leichter
From: leichter@VENUS.YCC.YALE.EDU ("Jerry Leichter")
Newsgroups: comp.os.vms
Subject: re: DECNET/SHOW DEF bug
Message-ID: <8709291048.AA14273@ucbvax.Berkeley.EDU>
Date: Mon, 28-Sep-87 16:21:00 EDT
Article-I.D.: ucbvax.8709291048.AA14273
Posted: Mon Sep 28 16:21:00 1987
Date-Received: Wed, 30-Sep-87 07:12:29 EDT
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: "Jerry Leichter" <leichter@venus.ycc.yale.edu>
Distribution: world
Organization: The ARPA Internet
Lines: 47


	The below is a session I just had with DECNET:

	$ set def ntvaxb"test hello"::dra0:[test]

	$ dire

	Directory NTVAXB"test password"::$10$DRA0:[TEST]

	KSFDJLDSFKJ.TMP;1   MORIA.DIR;1         NETSERVER.LOG;4 ...

	Total of 7 files.

	$ show def
	  NTVAXB"test hello"::DRA0:[TEST]             

	Why does the SHOW DEFAULT command show the password?  I thought all
	DECNET command were supposed to say "password", just like the
	DIRECTORY command did.  Is this going to be fixed in VMS 4.6?  This is
	a possible security problem if you SET DEFAULT through DECNET, which I
	do on occasion on TEXNET.

SET DEFAULT to a remote directory is not a supported operation.  (Read the
documentation in detail and you'll see that this is indeed the case, though
it isn't obvious to a casual glance.)  It works MOST of the time - but not
ALL the time.  This is one of those cases in which it fails to work "correct-
ly".  The masking of the password is a function of RMS parsing.  If the saved
default contained just the string "password", you wouldn't be able to use it
to open any files on the remote system - the actual password is needed.  The
actual password is, in fact, saved, so that your SET DEFAULT actually allows
you access to the remote system.

So SHOW DEFAULT would have to mask the password.  However, SHOW DEFAULT never
parses the default - it simply displays it.  It would be rather pointless for
SHOW DEFAULT to go to the trouble of doing the masking itself as the node name
and access string are easily available by translating SYS$DISK.

You might be able to get a closer approximation to the behavior you want by
setting up a CONCEALED logical that contained the node name and access control
string.  I haven't played around with this, so I can't really say for sure.

Another approach is the "don't do that approach":  If you are going to insist
on this kind of SET DEFAULT, don't do a SHOW DEFAULT!  You can build yourself
a command file that does a "safe" SHOW DEFAULT.

							-- Jerry
------