Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!pyramid!prls!philabs!klb From: klb@philabs.Philips.Com (Ken Bourque) Newsgroups: comp.os.vms Subject: Re: Security problem in DQS Message-ID: <3032@briar.Philips.Com> Date: Mon, 7-Dec-87 12:37:40 EST Article-I.D.: briar.3032 Posted: Mon Dec 7 12:37:40 1987 Date-Received: Sun, 13-Dec-87 06:21:21 EST References: <8712050259.AA29107@ucbvax.Berkeley.EDU> Reply-To: klb@briar.philips.com.UUCP (Ken Bourque) Organization: Philips Laboratories, Briarcliff Manor, NY Lines: 17 In article <8712050259.AA29107@ucbvax.Berkeley.EDU> "ERI::SMITH"writes: -> ->During VMSINSTAL, on a server node, DQS creates an account for its own ->use. More specifically, the account is for use by a network object that ->is part of DQS. It also creates a startup .COM file, to be invoked in ->your SYSTARTUP and executed whenever the system is booted. -> ->The file contains the NCP commands to DEFINE and SET the network object, ->and it contains the password for the account which the network object ->uses. Passwords are already stored in the clear in the permanent DECnet database, for whatever that's worth....This startup procedure seems superfluous - once the object is DEFINEd in the permanent DECnet database there is no need to redefine it, and it will be SET into the volatile database automatically when DECnet is started. -- Ken Bourque klb@philabs.philips.com ...!{uunet,ihnp4,decvax}!philabs!klb