12-09-2008 05:18 AM
Re: Submit
12-09-2008 06:05 AM
Re: Submit
I thought that I had gotten the confirmation notice on my last post, but it appears not to have actually posted. Strange.
I must disagree with the proposal to use CMKRNL to grant the process SYSPRV. As is demonstrated, CMKRNL gives one SYSPRV in one move (Chess reference: "Mate in one"). WADR, sneaking an enabling of SYSPRV could have serious repercussions if (more accurately, when) it is discovered during an audit or other security review.
The better path is to review why the operator account was granted CMKRNL and CMEXEC, resolve that issue, and then remove both of those DEVOUR-class privileges from the operator account. One of the solutions I commented on earlier, or the one Joseph Huber mentioned in his post, addresses the problem.
A thorough reading of the "OpenVMS Guide to System Security", particularly the sections relating to privileges, is highly recommended. The manual is available from the OpenVMS www site in HTML at http://h71000.www7.hp.com/doc/732FINAL/aa-q2hlg-te/aa-q2hlg-te.HTMl or in PDF at http://h71000.www7.hp.com/doc/732FINAL/aa-q2hlg-te/aa-q2hlg-te.PDF .
- Bob Gezelter, http://www.rlgsc.com
12-09-2008 12:57 PM
Re: Submit
As others have pointed out, CMKRNL gives easy access to all privileges (which should be blindingly obvious, as it allows SUBMIT/USER of an arbitrary user, including SYSTEM, so the user effectively IS SYSTEM).
If the set of SUBMIT/USER commands this user needs to issue is relatively small, write a program which hard codes all possible variants as calls to $SNDJBC. The program can be installed with CMKRNL and SYSPRV, protected to only be executable by authorized persons. Use a menu or similar mechanism to restrict what the user can do with the privileged program. You can then remove CMKRNL from the privileges of this (obviously untrusted!) user.
If your auditors are worried about SYSPRV, but aren't already unhappy about CMKRNL, you should get yourself some auditors who have a clue.
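The hard-coded $SNDJBC front end suggested in the post above, as an added example that is not part of the thread: the operator supplies only a menu number, and the queue, file and username come from a compiled-in table. The job table entries are hypothetical, and outside OpenVMS the submit step is a dry run.

```c
/* Added example, not from the thread; job table entries are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifdef __VMS
#include <starlet.h>
#include <sjcdef.h>
#endif
static const struct job { const char *label, *user, *queue, *file; } JOBS[] = {
    { "Nightly backup",   "BACKUP_SVC", "SYS$BATCH", "OPS$JOBS:NIGHTLY.COM" },
    { "Month-end report", "FINANCE",    "SYS$BATCH", "OPS$JOBS:MONTH_END.COM" },
};
#define NJOBS ((long)(sizeof JOBS / sizeof JOBS[0]))
/* Accept only an exact decimal 1..NJOBS, so no operator text reaches $SNDJBC. */
const struct job *select_job(const char *input)
{
    char *end; long n;
    if (input == NULL || *input < '0' || *input > '9') return NULL;
    n = strtol(input, &end, 10);
    if (*end == '\n') end++;
    if (*end != '\0' || n < 1 || n > NJOBS) return NULL;
    return &JOBS[n - 1];
}
/* Returns a VMS-style condition value: low bit set means success. */
int submit_job(const struct job *j)
{
#ifdef __VMS
    struct { unsigned short len, code; const void *buf; void *ret; } itm[] = {
        { (unsigned short)strlen(j->queue), SJC$_QUEUE, j->queue, 0 },
        { (unsigned short)strlen(j->file), SJC$_FILE_SPECIFICATION, j->file, 0 },
        { (unsigned short)strlen(j->user), SJC$_USERNAME, j->user, 0 },
        { 0, 0, 0, 0 } };                          /* item list terminator */
    unsigned int iosb[2] = { 0, 0 };
    int st = sys$sndjbcw(0, SJC$_ENTER_FILE, 0, itm, iosb, 0, 0);
    return (st & 1) ? (int)iosb[0] : st;
#else
    printf("dry run: %s as %s on %s\n", j->file, j->user, j->queue);
    return 1;                                      /* non-VMS build only */
#endif
}

int main(void)
{
    char line[16];
    const struct job *j = JOBS;
    for (; j < JOBS + NJOBS; j++) printf("%d) %s\n", (int)(j - JOBS) + 1, j->label);
    j = fgets(line, sizeof line, stdin) ? select_job(line) : NULL;
    return (j != NULL && (submit_job(j) & 1)) ? 0 : 1;
}
```

The image only narrows privilege if the operator account then loses CMKRNL and execute access to the installed image is limited to authorized users, as the post describes.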
12-09-2008 01:07 PM
Re: Submit
12-10-2008 09:50 AM
Re: Submit
However, with SYSPRV or BYPASS priv. these users might ACCIDENTALLY delete critical files due to lack of (pick one) training, experience, typing skills, brains...
I am the system administrator but I do not give even myself BYPASS as a default priv. (I can of course enable it if I wish). I have a few critical files set to no delete access from S,O,G,W just so a mistyped wildcard delete won't get them. If I really want to delete them it takes me an extra step. Most files have S:D access so SYSPRV lets me delete them in one step.
12-10-2008 09:59 AM
Re: Submit
I just realized that no one mentioned READALL privilege. If your operators can be trusted with it then they will be able to SUBMIT jobs using /USER= (along with CMKRNL that they already have).
If they can't be trusted with READALL priv. then I would say they can't be trusted with CMKRNL priv either. You can't accidentally or even deliberately destroy anything with READALL. And if they can't be trusted not to look at stuff they're not supposed to look at, then they can't be trusted not to deliberately attack the system either.
12-11-2008 03:27 PM
Re: Submit
PJ
Peejay
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If it can't be done with a VT220, who needs it?