Mahmoud,

the short answer: NO that does not exist.

If you still do need a longer answer, which would include the technical explanation WHY that CANNOT exist in VMS, then please tell us tou want that as well.

hth.

Proost.

Have one on me.

jpe

Dear Sir.
Thanks for quick answer, and if possible let me know the long answer, Because my customer want details about this issue.
Best Regards

>>> In UNIX systems there are a known problem (Buffer Overflow) which is any one can access the system with username ROOT by typing extra letters or commands after root while issuing the username so he can login to the system without password (Buffer Overflow).

I seriously question that statement.
It looks like someone heard some security things some where at some times and pasted them all together into an English sounding sentence, but it is total nonsense IMHO.

I urge you to validate the statement before going on a wild goose chase.

I do not believe for one moment that there is a sinlge, more or less up to date, Unix implementation where you can still become root by just typing a bad username.
- Sure this may have happened to _some_ Unix at _some_ point in the past ( more than 10 year back?)
- not all Unixes are created equal(ly bad).
- Sure, buffer overflow can and have happened in Unix implementations leading to security risks... But even more so on Windows and also on VMS but much less so (and then notably in the Unixy components like web and tcp tools :-)
- Those Overflow problems tend to be MUCH more contrived than just typing in a funky username.

I'm with Jan that such problems are much less likely to happen under VMS due to the codign pratices deployed by VMS engineering, and application engineers alike:
- string descriptors
- multiple security levels
- extensive runtime library packages
- object protection (acl)
- open-nes: no "security though obscurity"
- QIO/RMS IO buffers layers

Good luck!
Hein.