From: Mark(un-MASK)Forsyth [forMsytAhm@optusShome.com.aKu] Sent: Friday, October 04, 2002 8:38 AM To: Info-VAX@Mvb.Saic.Com Subject: Re: Another security issue with the UCX POP server on older versions ? On 4 Oct 2002 07:05:59 -0600, Simon Clubley gushed forth: >In article <3D9D2D6B.1020509@tzora.co.il>, Mike Rechtman writes: >> I haven't actually done much with this, but what would putting an ACL on >> [TCPIP|UCX]$POP_SERVER.EXE limiting use to POP$SERVER do for this (and the >> previous) security issue? >> > >As far as I can see, this would work fine. I noticed that someone else >had already suggested it as well in response to the original advisory. > Yep. My initial reaction to the advisory was to slap an ACL on ucx$pop_server.exe. I've been running with the ACL in place with no ill effects at all. A dir/sec of sys$system:ucx$pop_server.exe yields :- Directory SYS$COMMON:[SYSEXE] UCX$POP_SERVER.EXE;1 [SYSTEM] (RWED,RWED,RE,R) (IDENTIFIER=[UCX$AUX,UCX$POP],ACCESS=READ+WRITE+EXECUTE+DELETE+CONTROL) (IDENTIFIER=[SYSTEM],ACCESS=READ+WRITE+EXECUTE+DELETE+CONTROL) (IDENTIFIER=[*,*],ACCESS=NONE) I am however running a stone age version here... mwf on PLAGUE >> ucx sho vers DIGITAL TCP/IP Services for OpenVMS Alpha Version V4.2 - ECO 1 on a DEC 3000 Model 300 running OpenVMS V7.1-2 mwf on PLAGUE >> -- Ooroo Mark F... Another Optus Cable Traffic Monitor. http://www.members.optushome.com.au/forsythm/traff/