question

[Chris Sharman]

> 
> In the login.com script you should also add a ON CONTROL Y THEN LOGOUT. 
> If not when the login script runs and the user presses control Y it will 
> take them to the $ prompt.

The key to preventing unauthorised DCL ($) access is the captive flag, 
as Philip Jackson said:

$ set def sys$system
$ mcr authorise mod <user>/flag=captive

This guarantees (as far as possible) that control Y won't get them a $ 
prompt. Nothing else does: the malicious user just has to get his ^Y in 
before you get it disabled otherwise.

You must also ensure that privileged images (such as Quick) are 
configured & run correctly, as otherwise they are able to bypass the 
captive flag. The 'Do' key shouldn't work, but developer-written 'run 
commands' probably should.

Chris



-----------------------------------------------------------------------

Any views expressed in this message are those of the sender and not
necessarily those of CCA Group.  The unauthorized use, disclosure,
copying or alteration of this message is forbidden.  The contents of
this message may be confidential and/or privileged, copyright CCA Group
and are intended solely for the use of the individual or entity to whom
they are addressed.  Whilst this message has been scanned, CCA Group
cannot guarantee that it is virus free or compatible with your systems
and accepts no responsibility for any loss or damage arising from its
use. The recipient is advised to run their own anti-virus software. If
you receive this message in error please contact
postmaster@ccagroup.co.uk immediately, destroy any copies and delete it
from your computer systems.