Xref: utzoo comp.lang.c:14401 comp.unix.wizards:13006
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!deimos!uxc!tank!mimsy!chris
From: chris@mimsy.UUCP (Chris Torek)
Newsgroups: comp.lang.c,comp.unix.wizards
Subject: Re: Insecure hardware (was Re: gets(3) nonsense)
Message-ID: <14757@mimsy.UUCP>
Date: 30 Nov 88 11:42:19 GMT
References: <867@cernvax.UUCP> <645@quintus.UUCP> <339@igor.Rational.COM> <3335@tekcrl.CRL.TEK.COM>
Followup-To: comp.unix.wizards
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 39

Someone else mentioned the correct answer, but I suppose I had best do
it again.  I have redirected followups to comp.unix.wizards only.

>In article <1189@cps3xx.UUCP> rang@cpswh.cps.msu.edu (Anton Rang)
`corrects' me:
>>VAX processors do have separate bits for read, write, and execute on
>>each page (I seem to vaguely recall one more). ...

In article <3335@tekcrl.CRL.TEK.COM> terryl@tekcrl.CRL.TEK.COM writes:
>     BBBBUUUUUZZZZ!!!!! Wrong answer...

So far so good....

>     The VAX only has read/write permissions per page, but it does have
>4 different access modes per page (kernel, executive, supervisor, & user),
>with each access mode having its own independent permissions per page...

Not so.  There is a four bit field for `access control'.  With four CPU
modes (K E S & U as above) and two permissions (R & W), there are only
half as many bits as needed for fully independent permissions.
Instead, the VAX designers made the assumption that if the user can
write the page, all the more privileged modes should also be able to
write; if the user can only read, more bits might allow other modes to
write.  Whatever permissions a less-privileged mode has, a more-
privileged mode has at least those permissions.

4BSD VAX Unix makes use of only the following modes:

#define	PG_NOACC	0
#define	PG_KW		0x10000000
#define	PG_KR		0x18000000
#define	PG_UW		0x20000000
#define	PG_URKW		0x70000000
#define	PG_URKR		0x78000000

Execute permission is implied by read permission.
-- 
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris@mimsy.umd.edu	Path:	uunet!mimsy!chris