On Mon, 18 Sep 89 10:03:56 TUR Turgut Kalfaoglu said:
>
>I would like to transfer a complaint that has been passed to me from
>TREARN's system programmers:
> .........
>With the help of such programs, (like SUPERSET from UAFSYSB, and others)
>our system directory was hacked this weekend: MAINT user was deleted,
>SEVERAL high-priority VM's have been duplicated (so that we ended up
>with two or more of the same VM name running at the same time)
>and notification that the directory was updated did not reach the operator
>console.
>

I agree with Leonard - prove that it's possible for JoeUser and let the vendor fix it.

Regarding SUPERSET - you need privs to display and alter REAL STORAGE, usually a class G user can't do that. To change certain bits/bytes in a VMBLOK (or VMDBK) it takes only three commands. If it works for a user when sHe uses SUPERSET, then it'd also work by hand. And if TREARN hands out privs to irresponsible users (I do not imply this has been done) and then blames certain programs for damage then they could as well blame big blue for documenting LOCATE, DCP and STCP.

Same applies if disks have been damaged. Is there any proof that one of the public programs has been used?

Dunno how the CMS Batch facility works today - but some years ago I verified that a user could easily bypass the command filter and issue *any* CMS and CP command in the batch machine (including IPLs and of course priv commands in the scope of the classes of the batch worker machine).

Christian