Re: IMCB$V_PARENT_PROT What is it good for?

Hi Ian

what I posted was a direct quote. What it means I know not. Back to
reading the source code.

I was being facetious and probably should've put a smiley at then end. What
I sought to proffer were not questions but rather accusations held, like hot
pokers, to the bleeding eyes of my detractors.

The indictment is this, if it is simply illegal, unsupported and sufficient
to open Pandora's box of VMS security vulnerabilities, to call out from
inner-mode to "shareable images activated subsequently" then what the hell
is the IMCB$V_PARENT_PROT good for? Why is it legal to drop the /PROTECT
qualifier on a UWSS Link in the first place? Why does LIB$GET_VM_PAGE
enforce PSL$C_USER in a call to $EXPREG when it can *only* be called from
user mode? Why does SYS$PERSONA_CREATE in (in a run o' the mill shareable
image such as SECURESHR.EXE) *beseech (nay enforce!) you* to call it in
KERNEL mode if you specify the USRPROfile argument on the one hand, yet
blatantly call LIB$GET_VM when it wants a few bytes of memory on the other?
Why do I have to go through life preparing the case for the prosecution? Are
we not all adults? Can we not all simply discuss the science and the
immutable *facts* behind the VMS Security Model and how it pertains to image
activation?

If the VMS Security Model is, in fact, "flat" then why do I always see the
top of the ships' masts on the horizon first?

Maybe the world did go down hill when they taught us stinking peasants to
read, but we're fucking here now so let's put an end to this bull*** Wizard
of Oz routine! I could probably benefit greatly from a heart, courage and
definitely a brain, but in the meantime let's just have the *facts*! Show me
*AANN EEXXAAMMPPLLEE* of a security flaw produced by calling a shareable
from inner-mode and I will show you why the USRPRO argument must be
desupported for SYS$PERSONA_CREATE. (Or are we now really competing with
Windows?)

Cheers Richard Maher

PS. "Ooooh there be Dragons - The great Oz is displeased with you (thunder
lightening) Leave immediately or you will perish (lots of noise) Wardrobe
monsters".

----- Original Message -----
From: "Ian Miller" <ijm@xxxxxxx>
Newsgroups: comp.os.vms
Sent: Tuesday, April 18, 2006 11:58 PM
Subject: Re: IMCB$V_PARENT_PROT What is it good for?


what I posted was a direct quote. What it means I know not. Back to
reading the source code.


"Richard Maher" <maher_rj@xxxxxxxxxxxxxxxxxx> wrote in message
news:e22ulj$fp7$1@xxxxxxxxxxxxxxxxxxxxxxxxx
Hi Ian,

(But before I go :-)

which is propagated to shareable images activated
subsequently

That simply cannot be! Wash your mouth out. What you are alluding to is
clearly a pointless piece of redundancy.

Cheers Richard Maher

"Ian Miller" <ijm@xxxxxxx> wrote in message
news:1145368839.130610.223730@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
It says
"If either IAC$V_PARANOID or IAC$V_PROTECTED was specified in the
FLAGS argument, the image activator checks that the image was installed
and, if not, returns the error status SS$_PRIVINSTALL to its requestor.
If
IAC$V_PROTECTED was specified, the image must also have been installed
/PROTECTED. If the image passes these checks, the image activator sets
IMCB$V_PARENT_PROT, which is propagated to shareable images activated
subsequently to ensure that similar checks are made for them."






.