Last night a bomb exploded very near to my house. It was very impressive, the noise shook the walls and the door slammed against its lock (but was far from bursting open, hopefully). Actually it was not THAT near but the bomb had been very powerful. It completely destroyed the building and that's what it was meant for. I heard the target was the building of the National Office of Unemployment (that place which helps you finding a job when you don't have one), and that there's a real big hole in it.... Those days I just don't have time to work on LISTSERV. As you may have seen on LINKFAIL we have power problems, and I'm still working on the migration to the 3375s; besides we'll be installing VM/SP 4 next week. I recently found that we had a few privileged servers with security holes even larger than the hole in the destroyed building... They were written by Mr Sein-Aye, for whom I have a lot of respect because when he came here he knew nothing about computers and he managed to learn an incredible amount of things about VM in the two years he worked here part-time on three different computers, the 4341 being the one he spent the smallest amount of time on because it usually 'works without problems when left alone' (his words) which is not at all the case of the other two fr*nch computers. However he had *no idea* of what *security* is... the servers had ABDG privs, which they did not need except to use MSGNOH, and RECEIVEd whatever file a user would send them (but of course the end-user execs he wrote only sent files with a filetype of 4250 or JOB). Then he picked up the name of the sender and number of 4250 pages of the document from the first line in the file (where they were inserted by the end-user exec), etc, etc. You could bill jobs to someone else, increment your 4250 output quota by sending a one-line file, "hh:mm:ss myuserid -100" to the server, etc. I'm presently rewriting the two servers, which is as funny and fascinating a job as you may imagine, and have given up rewriting another server which showed the same problems but only had class G. Ah, by the way, DISKACNT (the standard IBM-supplied one) is as stupid as the above servers and receives any- thing with name "VM370.ACCO.RECO", regardless of origin. Thus you can increment or decrement the bills of any user by sending the appropriate accounting cards from any class G account. I rewrote it a long time ago, just thought you might be interested... It's funny. Of the five servers shipped by IBM along with IPF, four of them (VMUTIL, DISKACNT, OPERATNS, SYSDUMP1) show security leaks, and I have not yet understood what the fifth one is for (ROUTER). There is of course no problem with AUTOLOG1 but I don't call this a server... Eric