Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU
Path: utzoo!watmath!clyde!cbosgd!ihnp4!ucbvax!DDATHD21.BITNET!#D1Z
From: #D1Z@DDATHD21.BITNET
Newsgroups: mod.computers.vax
Subject: Access Control Lists and Security
Message-ID: <8511121334.AA29413@ucbvax.berkeley.edu>
Date: Tue, 12-Nov-85 08:35:22 EST
Article-I.D.: ucbvax.8511121334.AA29413
Posted: Tue Nov 12 08:35:22 1985
Date-Received: Wed, 13-Nov-85 08:04:27 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 30
Approved: info-vax@ucbvax.berkeley.edu

With VAX-VMS Version 4.0, DEC introduced an implementation of
Access Control Lists (ACLs), in that release for files and devices.
In release 4.2 they were extended to logical name tables.

Though the theoretical concept of Access Control Lists gives a high
amount of access security, the realisation in VMS opens some ways for
intruders:

 a) A user may set an ACL for the terminal he is logged in on. This
    ACL remains active after he logs out. Since the user may well
    have set an ACL which allows him allocation of the terminal, he
    may then run a program simulating the Login Process - and acquire
    knowledge of the password(s) of privileged users. (If DECnet is
    available at the site in question, even a Login Failure may be
    simulated automatically!)

 b) When a logical name table has neither an owner nor an ACL -
    and by default LNM$SYSTEM has neither - anybody may
    set an ACL for it allowing him any access he wants. (Note that
    if he does not include CONTROL access, he cannot remove the
    ACL afterwards!)

 c) Note that if you use file access across DECnet without proxy
    accounts (e.g. TYPE NODE"USER PASSWORD"::FILENAME), the password
    will be stored in the RECALL buffer, so anyone who may use your
    session without your paying attention to it may find some
    passwords he should not know of...
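A defender's DCL checklist for the three points above, added here as an example and not part of the original post; it assumes the VMS 4.2-era SHOW ACL / SET ACL command syntax, and TTA2: is an illustrative terminal name, not one from the post.

```dcl
$ ! Added example (not from the original post). Assumes VMS 4.2-era
$ ! SHOW ACL / SET ACL syntax; TTA2: is an illustrative terminal name.
$ !
$ ! (a) Look for an ACL left behind on a terminal by an earlier session
$ !     and remove all of its entries so nobody else can allocate it.
$ SHOW ACL/OBJECT_TYPE=DEVICE TTA2:
$ SET ACL/OBJECT_TYPE=DEVICE/DELETE=ALL TTA2:
$ !
$ ! (b) Give LNM$SYSTEM an explicit ACL so that only SYSTEM may
$ !     change it while everyone else keeps read access; then verify.
$ SET ACL/OBJECT_TYPE=LOGICAL_NAME_TABLE -
      /ACL=((IDENTIFIER=[SYSTEM],ACCESS=READ+WRITE+CREATE+DELETE+CONTROL), -
            (IDENTIFIER=[*,*],ACCESS=READ)) LNM$SYSTEM
$ SHOW ACL/OBJECT_TYPE=LOGICAL_NAME_TABLE LNM$SYSTEM
$ !
$ ! (c) After a remote file access with an embedded password, erase the
$ !     command history so the password no longer sits in the RECALL buffer.
$ RECALL/ERASE
```

Run the checks in (a) for every terminal line at the site, not just the one you are sitting at; a lingering ACL is only visible on the device that carries it.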

             Yours
                   Wilhelm Mueller