Path: utzoo!attcan!uunet!mcvax!cernvax!hjm
From: hjm@cernvax.UUCP (hjm)
Newsgroups: comp.os.vms
Subject: Re: More on protection of SYS$SYSTEM files and VMS 4.6/4.7
Summary: Nasty little traps for the unwary ...
Message-ID: <681@cernvax.UUCP>
Date: 16 May 88 12:20:00 GMT
References: <8805131040.AA17557@ucbvax.Berkeley.EDU>
Reply-To: hjm@cernvax.UUCP (Hubert Matthews)
Organization: CERN European Laboratory for Particle Physics, CH-1211 Geneva, Switzerland
Lines: 20

In article <8805131040.AA17557@ucbvax.Berkeley.EDU> IMHW400@INDYVAX.BITNET writes:
>I have scanned our SYS$SYSTEM and found some interesting protection masks.
>For example, can anybody think of a good reason for SYS.EXE to be W=RE?
>Or *every* device driver?  I don't know whether the 4.6 installation did
>this, but I'm going to suggest that our site review these masks carefully.
>
>Mark H. Wood    

No, I can't think of any good reason either, but just a word of warning: if you
change the protection on F11BXQP.EXE to world no-access then the RSX layered
product won't work!  This is because it can't create the global section SYSXQP
which is required to be w:re, and guess where it gets it protection mask from.

That one bit me for several weeks - so watch out, there are some funny things
associated with the protection masks in SYS$SYSTEM. 


	... and may your error log be forever empty ...

		Hubert Matthews