LISTSERV - HP3000-L Archives

HP3000-L Archives

January 1998, Week 3

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L January 1998, Week 3

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Can a PM program open file it lacks normal access to? -Reply
From:	Mark Bixby <[log in to unmask]>
Reply To:	[log in to unmask][log in to unmask]:30:[log in to unmask]
Date:	Thu, 15 Jan 1998 14:08:25 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (19 lines)

Michael P. Smith writes:
> If my thinking is right, no matter how A.B.C is aborted, the temporary SM
> capability would be lost and there would be no security breach.  Also, the
> reason that I keep giving SM and taking SM away from A.B.C is to make the
> example simpler.  In reality I would probably give SM to the process and
> only take it away if I allowed the user to execute CI commands from within
> the program (in which case if I left SM on the process the user would have a
> means of exploiting the SM capability).

Just make sure that your temporary SM program disallows :FILE equations when
you open your files.  You don't want a malicious user telling your program to
open files that it isn't supposed to.
--
Mark Bixby                      E-mail: [log in to unmask]
Coast Community College Dist.   Web: http://www.cccd.edu/~markb/
District Information Services   1370 Adams Ave, Costa Mesa, CA, USA 92626-5429
Technical Support               Voice: +1 714 438-4647
"You can tune a file system, but you can't tune a fish." - tunefs(1M)

ATOM RSS1 RSS2

RAVEN.UTC.EDU