Conference noted::hackers_v1

	Yes i have the Same Problem as well !!!!

THIS IS A TEST LOOK AT MY USER NAME

This is easy stuff.  What you really want is to be able to change your
username in VMS, and even that's not all that hard if you've got CMKRNL
privilege.

I must confess, however, that I did try to change my username once while I
was at college.  I crashed the VAX instead.  :-)


    				JENelson

I have a program which will change my username.  It is much easier
than logging out and back in again and faster than SET HOST 0.  I 
haven't tried doing the same thing on RSX yet but I suppose it's not 
that hard.

tom p

ps. No, the program will not be made available.

You won't ufind a UAF entry for FOOBAR in the PARVAX authorization file.

tom p

	Whoop-de-do.

	It's possible to change if you have CMKRNL privs.  Does anyone know
how to handle it with normal privs?
		<_Jym_>

Well, its all quite easy if you have CMKRNL privs. Has/does
anyone know how to do it with minimal priv's (i.e., NETMBX and
whatever that second one is).???

				- Lester -

Pre FT2 V4 - yes...

/Bevin

WHAT DO YOU MEAN BY "Pre FT2 V4"


PLEASE SOMEONE TELL ME HOW TO DO IT ,JUST IMAGIN GOING THROUGH LIFE

WITH A USERNAME LIKE ::MORGANTI


JOHN.

See your system manager...

Since the username is only writeable from K-mode, the solution is simple...

Crack VMS, mung the SYSUAF file or CHMK and mung your PCB!

/Bevin

 ^
 |
 +-------Please note the real node HACKER

RE: .0,.1,.2

	Please don't use HACKER as your node name.  There is a real
	HACKER here in S. Lawrence.  If you are going to continue to 
	do this then please add your real node::username at the end
	of your note or reply.  I'm not trying to sound like a bas---d.
	I just don't think my system manager would like to get phone
	calls asking why Mr. Mumblefratz isn't on HACKER.

						mike

	OH SORRY,
I DIDN'T REALIZE THERE WAS A NODE NAMED "HACKER::"

	As for how to do it without having the privs, there is what is
	better known as the INSTALL utility under VMS which will allow
	a program/utility to be installed with privileges, and the pro-
	gram will be invoked with the privs. You must have CMKRNL priv
	to install the program though.

							Nestor

Re: .-1

	One way to protect against that (other than protecting all directories 
with privileged images on the system) is to have LINKER set a privilege mask 
in the header of an image. The linker (with the user of a qualifier) should
allow a privileged user set in the header all the privileges that the user can 
get to begin with (for example if I don't have CMKRNL to begin with the linker 
should reject my request to set the CMKRNL bit in the image header). INSTALL 
utility should look at those bits automatically instead of the qualifiers. 
That will make .-1 much harder if not impossible. What do you think?

							- Victor -

re: .-1
Now you've made the security of the system dependent on being able to guarantee
the integrity of file contents.  Sure, I can't get the linker to set the right
bits - but I own the file - I can go in afterward and set any bits I please.

It's possible to make this work, but difficult.  RSTS has essentially this
approach.  Save BASIC PLUS compiled files are execute only to the owner - and
can't be changed.  The privilege bit is not in the file itself, but in the
protection code; the analogous thing in ODS would be to put the allowed priv
bits into the file header, rather than the file.  It had better be in a "system
only may write" field in the header.  THEN you have to worry about files on
mountable media - if I can ever pull the disk off the system, I can take it
somewhere where I can write anything I want on it.  THEN you have to consider
what BACKUP should do - do you allow it to restore only those privileges that
the process it is running in already has?  Then you have to do system restores
from a process with all priv's on - unfortunate.

Why not just leave things the way they are?
							-- Jerry

Ok Ok I'll ask (better late than never.....

It sounds like changing one's username is VERY difficult with min-privs.

But how do you change node name with min-priv.......

The only way I could even think of doing this is to re-assign logical
"SYS$NODE" in the LNM$SYSTEM_TABLE but again with min-privs this is just 
not allowed. I was also afraid of what this would do to the system if this
was reassigned ,I take it that everyone on the node would have that logical
,I don't think my SYS$MANAGER's would like this.....

Am I on the right track or should I be looking somewhere else(Maybe Hack notes 
utility???)....

Also if I had privs to change SYS$NODE would it work(would the system work too?)


					Thanx
					Hack with no privs

You *can* define SYS$NODE in a LNM$SYSTEM_TABLE with min-privs.  Just create
a process private logical name table called LNM$SYSTEM_TABLE, and put the
name in there.  In other words, there's no security associated with logical
names in a table called LNM$SYSTEM_TABLE.

However, SYSNAM privilege is needed to create an EXEC-mode logical name,
and VNOTES only looks for EXEC-mode (or kernal-mode) logical names when
translating SYS$NODE in LNM$SYSTEM_TABLE.  Of course, if you've got direct
RMS access to the file, you can hack it in a variety of ways (but don't --
this is a dull hack, and if you trash the notefile, people become irate).

If a server is accessing the file, you'll need to fool the server into
believing the connection is from some other node (good luck).  This is
doable (and described in some notefile), but is a nuisance.  And while
considerable effort would be required for this, it looks just like the
dull hack above.

The name server, when available, will solve the problem of imposter nodes,
so even fooling a remote Notes server will be impossible.  Sorry that all
the neat hacks are being taken away, but that's security for you.