Here's the original mail:-
----- Original Message -----
From: "Richard Maher"
Sent: Sunday, November 04, 2001 6:56 PM
Subject: Re: Wishlist - sort of (More SSA)
> Hi,
>
> (This is the third time I've tried to send this since Thursday. Sorry if
> you get all three! Hotmail postmaster saying something about delivery
> delayed. Indefinitely? Anyone else got that?)
>
> Hi Ian,
>
> Issue [1]
>
> >I have described the SYSTEM_USER before.
>
> And I for one have always listened intently.
>
> >This is the user that allows access to such shared files as RUJ.
>
> I understand this and can see now why, as you have pointed out
> previously, SYSTEM_USER cannot be dynamic. I agree that the SYSTEM_USER
> should be used for determining access to such things as the RDMS$RUJ and
> SORTWORKn files and external routine shareable images. (I also believe
> there is a case to be made for image privs playing a part!)
>
> My point is that the above is *not* happening with Rdb 7.1 VMS 7.2-1.
>
> To illustrate, just run my example (I've attached it again in case you've
> filed it :-) Make sure you run it from an account that *has* access to the
> RUJ directory. Then, as the *first* username enter someone who *does not*
> have access to the RUJ directory.
>
> My guess is, when you type up your T2.LOG file, you'll see something like
> the following:-
>
> Before username MAHER_R
> %RDB-F-SYS_REQUEST, error from system services request
> -RDMS-F-FILACCERR, error creating run-unit journal file
> DISK$SYS:[TEST]MF_PERSONNEL$000144B97F66.RUJ;
> -RMS-E-PRV, insufficient privilege or file protection violation
> %SYSTEM-F-ABORT, abort
> %TRACE-F-TRACEBACK, symbolic stack dump follows
> image module routine line rel PC abs PC
> T2 ISS_EXEC ISS_EXEC 156 00000000000005EC 00000000000305EC
> T2 0 0000000000026044 0000000000036044
> 0 FFFFFFFF828D9414 FFFFFFFF828D9414
>
> My definition of SYSTEM_USER is based on the following:-
>
> BUILT_IN_FUNCTIONS
>
> SYSTEM_USER
>
> The SYSTEM_USER function returns the user name of the process at
> the time of the database attach.
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> I stuck a SYS$SUSPND in my code after the call to "declare_connection_name"
> and then did a $rmu/sh us mf_personnel just to make sure that MAHER_R was
> in fact attached to the database and the SYSTEM_USER was MAHER_R and
> MAHER_R could write to the RUJ dir.
>
> Am I seeing things? Or is Rdb using the PERSONA_USER username and *not*
> the SYSTEM_USER username to determine access to the RUJ directory? Do you
> do a $getjpi? Or neglect to specify the SYSTEM_USER in a call to
> $check_access?
>
> Obviously if you specify a privileged user as the first user when running
> T1, then the unprivileged user will be able to create an RUJ next time
> around.
>
> Also how would you convince lib$find_image_symbol to use the SYSTEM_USER
> when loading a shareable image if the current PERSONA doesn't have :RE
> access to the image? (lib$fis living in a shareable and not lending itself
> easily to secure access from EXEC mode)
>
> Issue [2]
>
> SQL> SET SESSION AUTHORIZATION
>
> Lets you SSA to a username who's been DISUSERed. (So does ATTACH etc.) Is
> this correct?
>
> Are you also planning on tightening things up by introducing a call to
> $scan_intrusion?
>
> Issue [3]
>
> You've heard of Rubik's cube? Well there are hours more fun to be had with
> SS$_PERSONADELPEND!
>
> Watch those rainy winter's days just fly by with the whole family!
>
> This week's question:-
>
> Why do I only get ss$_personadelpend when I have performed an Rdb *READ
> ONLY* transaction??? (READ WRITE transactions result in the persona being
> able to be deleted immediately) Why is it so?
>
> What baggage does a read only txn leave lying around that requires the
> creating persona to survive? Resource domains? Dodgy asynch i/o? Apron
> strings?
>
> One last observation. If I choose the username of the process's Natural
> Persona I still get ss$_personadelpend and not ss$_nodelpermanent when the
> flags clearly tell me that the natural persona is obviously permanent.
>
> This is the final clue in this series and must be the clincher!
>
> Damn you for your cunningness!
>
> Please put your answers on a stamped self addressed e-mail.
>
> (The judge's decision is final and no correspondence will be entered
> into)
>
> BTW. I've turned off bind_snap_quiet_point, bind_prestart_txn and disabled
> carry over locks but it still keeps on tickin'
>
> Regards Richard Maher
>
> ----- Original Message -----
> From: Ian.E.Smith
> Sent: Tuesday, October 30, 2001 2:34 AM
> Subject: Re: Antwort: Re: Wishlist - sort of
>
>
> > I have described the SYSTEM_USER before. This is the user that allows
> > access to such shared files as RUJ.
> >
> > Ian
> >
> > Richard Maher wrote:
> >
> > > Hi,
> > >
> > > Ian Smith wrote:
> > >
> > > > Go to metalink.
> > > > Select News and Notes.
> > > > Select Product Enhancements Online.
> > >
> > > Hoorah!
> > >
> > > (Or so I thought)
> > >
> > > I was about to complain that there is nothing under my
> > > News and Events that looks anything like an enhancement
> > > thingy and then I go back in to check it one last time, and
> > > there it is ERS. This _is_ new isn't it?
> > >
> > > Anyway when I try to log on (MAHERR) it won't let me
> > > (but it does let me into meta-link) so I say show me my
> > > password and it sent it off to
> > >
> > > How can the ERS system have different usernames to
> > > meta-link? Do I need two Usernames? Who is this
> > > imposter :-)
> > >
> > > Regards Richard Maher.
> > >
> > > PS. Just in case anyone is being proactive about SET
> > > SESSION AUTHORIZATION PERSONA thing,
> > > I noticed something else the other day. Access to the
> > > RDMS$RUJ directory (and presumably other RMS
> > > files such as sortwork files) appears to be checked
> > > for the "first" user only! Do you do a $check_access
> > > for the _first_ read/write transaction only? So
> > > when I SSA to a user that does not have write access
> > > to the RUJ directory Rdb is still happy to write to it.
> > >
> > > Rdb also does *not* seem to take image privs into
> > > account when deciding if the RUJ can be written. Why
> > > not? It looks something like $check_access to me.
> > >
> > > ----- Original Message -----
> > > From: Ian Smith
> > > Sent: Wednesday, October 17, 2001 5:22 PM
> > > Subject: Re: Antwort: Re: Wishlist - sort of
> > >
> > > > Go to metalink.
> > > > Select News and Notes.
> > > > Select Product Enhancements Online.
> > > >
> > > > Ian
> > > >
> > > > Philipp Lewis wrote:
> > > >
> > > > > Well,
> > > > >
> > > > > I might if I could find the bloody ER system entry point !
> > > > > Then again, now I am unemployed I have hours to waste trolling
> > > > > Oracle websites for no apparent benefit
> > > > >
> > > > > ciao
> > > > > philip
> > > > >