Security issues
Steve Huckvale
shuckvale@cosworth-racing.co.uk
Wed, 14 Apr 1999 14:30:45 +0100
All,
I have a security Issue with QUIZ and wonder if there's a simple solution
any of you may be aware of. We have a HP3000 running MPE/iX as an OS and
ManMan as our primary application. Through the use of auto-logon UDC's and
ManMan security our user's have limited (if any) access to MPE commands.
However, we have customised ManMan so that certain commands will
interactively run QUIZ code or QUICK screens within the users session.
Whilst QUIZ code is being processed from a user's session the user may at
any point press <CTRL>Y, say NO to continue and be granted a QUIZ command
prompt >. From here the user can 'shell' out, for instance with :CI, and be
granted use of MPE commands.
There is a sketchy reference in the manuals I have to a 'noosaccess'
program parameter which I can't seem to use, besides that doesn't seem to
fit what I'm looking for. Ideally I would like to allow the code itself
access to the OS, but not a user.
Obviously this a hole we would like to plug... any ideas?
Steve Huckvale
Analyst Programmer
Cosworth Racing Limited
The Octagon, St James Mill Road
Northampton, NN5 5RA, England.
Tel: (+44-1604-598490)
Fax: (+44-1604-598506)
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
Subscribe: "subscribe powerh-l" in message body to majordomo@lists.swau.edu
Unsubscribe: "unsubscribe powerh-l" in message to majordomo@lists.swau.edu
powerh-l@lists.swau.edu is gatewayed one-way to bit.listserv.powerh-l
This list is closed, thus to post to the list, you must be a subscriber.