Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU
Path: utzoo!watmath!clyde!burl!ulysses!cbosgd!ucbvax!BR1.THDNET!YD14
From: YD14@BR1.THDNET
Newsgroups: mod.computers.vax
Subject: Setting ACLs on a terminal
Message-ID: <8511082044.AA07064@ucbvax.berkeley.edu>
Date: Fri, 8-Nov-85 15:44:45 EST
Article-I.D.: ucbvax.8511082044.AA07064
Posted: Fri Nov  8 15:44:45 1985
Date-Received: Sun, 10-Nov-85 07:33:04 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 9
Approved: info-vax@ucbvax.berkeley.edu

A nonprivileged VMS user cannot allocate another terminal.
But it's possible to do $ EDIT /ACL/OBJ=DEV TT without any privilege
and after logging out the nonprivileged user can allocate the terminal
if he has set this in the ACL.
This is a new security hole since VMS V4.0.

Reinhard Goeth Techn. Univ. Darmstadt (FR Germany)
#D14@DDATHD21.BITNET
#D14%DDATHD21.BITNET@WISCVM.ARPA