Path: utzoo!attcan!uunet!lll-winken!lll-tis!mordor!joyce!ames!pasteur!ucbvax!UKANVAX.BITNET!sloane
From: sloane@UKANVAX.BITNET (Bob Sloane)
Newsgroups: comp.os.vms
Subject: RE: PTY driver fix
Message-ID: <8805270838.AA13400@ucbvax.Berkeley.EDU>
Date: 27 May 88 08:39:21 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 28
X-Unparsable-Date: Wed, 25 May 1988 10:32:11.38 CDT

Tony Cook writes:

>DEC's recent SECURITY UPDATE V2 patch has broken the CMU/Hughes
>PTY pseudo terminal driver. The patch to TTDRIVER.EXE has changed the default
>device protection for cloned devices (e.g VTAn virtual terminals). Thus
>the pseudo terminal device TPAn: receives the totally useless device protection
>of [S:WRLP O: G: W:]. It used to be [S:WRLP O:WRLP G:WRLP W:WRLP].

I tried the change to the TP driver, and it fixes the PHOTO problem. Now I
am wondering if I am open to security problems if I put this patch in.
DEC seems to have put in a patch that specifically changes the behavior
of this interface. I can't help but wonder: if a user gets a PTY device with
full protections, can that be used to violate system security? Someone
mentioned Trojan Horse programs in talking about this patch. Does anyone
out there know why the protections were changed? If so, am I leaving my
system wide open?  I don't need to know the details of the problem, but
a simple yes or no answer would help greatly.

Also, do any of the VMS guru's know if the PTY driver code will stop working
under VMS 5.0?  If so, is anyone planning on fixing it?  I don't want to
keep putting PHOTO up and then taking it down.  Thanks for any help anyone
can give me.

                      Bob Sloane
                      University of Kansas
                      Computer Center
                      (913) 864-0444
                      SLOANE@UKANVAX.BITNET
                      SLOANE@KUHUB.CC.UKANS.EDU