Path: utzoo!dciem!nrcaer!cognos!jimp
From: jimp@cognos.uucp (Jim Patterson)
Newsgroups: comp.os.vms
Subject: Re: Callable EDT and privs
Message-ID: <1962@cognos.UUCP>
Date: 10 Dec 87 20:49:12 GMT
Article-I.D.: cognos.1962
Posted: Thu Dec 10 15:49:12 1987
References: <8712041340.AA14659@ucbvax.Berkeley.EDU>
Reply-To: jimp@cognos.UUCP (Jim Patterson)
Organization: Cognos Inc., Ottawa, Canada
Lines: 28

In article <8712041340.AA14659@ucbvax.Berkeley.EDU>  writes:
> how can I write a privileged 
>installed program to access callable EDT and not have the privs turned on 
>when the call to EDT is made.  If the person running the program needs 
>access to a file he could not normally access, the program will have to 
>turn on the privs just before issuing the call to EDT.  This defeats any 
>security checks made, it seems to me.  
>
>I can't figure out how to call EDT and turn off the privs after the file
>has been opened because that operation is transparent to the program. 

If you want the user to be able to edit a normally protected file, one
way to go is to use the EDT file input/output hooks. These are provided
to the EDT interface as procedure parameters. If passed, EDT will call
these routines to handle file i/o to specific files. See the callable
EDT description for full information. It's in the standard DOC set 
somewhere, but I don't remember just where.

Your file i/o routines can enable privileges, open the files needed,
and then disable privileges before returning to EDT. Once the file is
opened, there's no need to turn privileges on anymore. Since there's
no way that your user can enable privileges from within EDT, it
remains secure.
-- 
Jim Patterson                              Cognos Incorporated
UUCP:decvax!utzoo!dciem!nrcaer!cognos!jimp P.O. BOX 9707    
PHONE:(613)738-1440                        3755 Riverside Drive
                                           Ottawa, Ont  K1G 3Z4
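
The pattern described in the reply above, as an added example that is not part of the original post and is not VMS or EDT code: a POSIX stand-in in C, where seteuid() plays the role of enabling and disabling privileges. The hook type, function names and the set-uid startup assumption are hypothetical.

```c
/* POSIX stand-in for the scheme above; not VMS or EDT code. Assumption: a
 * set-uid program whose effective UID at startup is the privileged identity. */
#include <fcntl.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical hook type: the editor calls this instead of opening files itself. */
typedef int (*file_open_hook)(const char *path, int flags);

static uid_t priv_uid;  /* privileged identity, captured once at startup */

/* Call first thing in main(): remember the privileged UID, then run without it. */
int priv_init(void)
{
    priv_uid = geteuid();
    return seteuid(getuid());
}

/* The hook: privilege is enabled only for the duration of open(). */
int guarded_open(const char *path, int flags)
{
    int fd;

    if (seteuid(priv_uid) != 0)
        return -1;
    fd = open(path, flags);
    /* Drop on the failure path too, and verify the drop before returning
     * control to code the user can drive. */
    if (seteuid(getuid()) != 0 || geteuid() != getuid()) {
        if (fd >= 0)
            close(fd);
        _exit(1);
    }
    return fd;
}

/* Stand-in for the editor: it only ever sees the descriptor the hook returns. */
int editor_first_byte(file_open_hook hook, const char *path, char *out)
{
    int fd = hook(path, O_RDONLY);
    ssize_t n;

    if (fd < 0)
        return -1;
    n = read(fd, out, 1);
    close(fd);
    return n == 1 ? 0 : -1;
}
```

Access is checked when open() runs, so the descriptor handed back keeps working after the effective UID has been dropped.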