Is VMS Security being dumbed-down for Java?

Hi,

I have been unable to locate anyone who both could and would answer a couple
of questions for me regarding the image activator's treatment of logical
names, so in desperation I've begun to toy with the idea of wading through a
copy of the VMS source listings, that someone was kind enough to show me. A
quick glance revealed a developer's comment that I found quite striking, and
I was wondering if anyone here could shed any further light on the issue.

Now, comments are just that, comments and quite often bear no resemblance to
what the code is actually doing, and you're free to read as little or as
much into them as you like, but see what you think anyway. From
SYSIMGACT.LIS 3-Oct-2004 line 1820 onwards: -

! the following code seems like a good idea, and maybe would be some day.
! but, in fact, untrusted names are required for privileged execution of
Java. . .

"Damn your logic Spock! the Javans are a peaceful people and mean us no
harm."
"Shields-Down Mr Sulu. . ."

It's a given that not everyone is as easily given to superlative as me so
the horizontal ellipses could be a roll-of-the-eyes, an outpouring of
exacerbation, a cry for help, or simply "I'm not gonna fill up the source
listing with the rest of this fascinating tale". Or non of the above? Anyway
FYI.

Regards Richard Maher

PS. Is it just me or has there been nothing but fruitful, on-topic technical
discussion in COV for over two weeks? Is there nothing sacred?

PPS. If any one thinks they can answer the following questions then please
do: -

Q1: Without the use of enhanced privileges and with the Main Executable
Image not having being INSTALLed: - Can a call from an inner-mode UWSS out
to any other shareable image (/PROTECTED or otherwise) be spoofed and
redirected to another shareable image? My testing to-date indicates that the
image activator insists on all shareable images being INSTALLed. Is this
supported and architected behaviour?

Q2: When a LIB$ routine is called from an EXEC Mode UWSS, why does the image
activator consider Non-Trusted, Supervisor-Mode Logical Names when
activating LIBRTL? Furthermore, why does the image activator then appear to
ignore non-trusted logical names when activating other shareable images? Is
there something peculiar about LIBRTL?


.