Mailing List Archive



Re: [tlug] For all you vi heathen ;-)



On Fri, 17 Jul 2020 at 23:59, Curt J. Sampson <cjs@example.com> wrote:

> I would not allow any extranet remote users at all unless I am running
> OpenVMS or OpenBSD.

That is a very foolish approach to security.

While I cannot be sure about OpenBSD, ...

Running VMS is about the smartest approach to security on this planet.
 
The vim issue is no surprise; probably the most important part of the "fix"
was the addition of these two lines to the documentation:

    Note that the user may still find a loophole to execute a
    shell command, it has only been made difficult.

"'Restricted' version of a very general, complex tool" is almost invariably
a security fail; we've known this for decades. (Remember when `rsh` meant
"restricted shell"?)

Well, on VMS a "restricted shell" is called a captive account
and it actually performs to specification, not best effort.

The deathrow VMS cluster was running for many years with captive accounts
being handed out to anybody who would email in and ask for one. Nobody has
ever managed to break out. Some naive script kiddies tried once in a while,
immediately triggering alarms that logged them out and disabled their
accounts. The system administrators always posted such attempts on the
deathrow website for the amusement of the user community.

VMS is truly Orwellian. What you are not authorised to do, you cannot do,
and that is done at the kernel level, not in a shell command interpreter.
And everything you are authorised to do can be monitored and alarms
can be put on it. Users can be automatically logged off and their
accounts disabled if they do things that look like probing the system.

Sometimes, the deathrow system admins had a bit of fun watching
script kiddies in action, letting them play to see what they would be doing.
The transcripts of this foolishness were then posted
on the website and gave us all many good laughs.

Serious crackers, like state actors or state-sponsored hacking outlets,
wouldn't even waste their time probing. They know it'd be futile.

There is a difference between system design with security designed in
from the start, and system "design" with "security" bolted on afterwards.


There's a reasonable argument to be made that things of this nature should
not be made available. Not only are they an almost certain source of
security holes if used naïvely, but almost any use, even by someone who
(normally) knows what he's doing, is naïve. But they do have their (very)
occasional uses.

Well, since I sold my last VAX and Alpha workstations about 20 years ago
and the x86 port of VMS is not quite available yet, I appreciated the free captive
account I got on the deathrow cluster for porting some of my open source stuff
over to VMS.

Providing such a service on just about any other system would indeed be a
security nightmare, but not with VMS. Unfortunately, the guys shut it down
a few years ago due to the aging hardware (several VAX cluster nodes)
making it difficult to get spare parts, high electricity consumption and use of
space.

Fortunately, VSI, who acquired the rights from HP, have been working hard
on the x86 port and they shipped the first OS on a trial basis to a customer
a month ago; release for the general public is scheduled for the end of the year.

https://vmssoftware.com/updates/state-of-the-port/

