home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.os.vms
- Path: sparky!uunet!destroyer!sol.ctr.columbia.edu!usenet.ucs.indiana.edu!newshost.cs.rose-hulman.edu!news
- From: mgrthh@HYDRA.ROSE-HULMAN.EDU
- Subject: Re: Am I in SYLOGIN?
- Message-ID: <1992Jul22.195449.10192@cs.rose-hulman.edu>
- Sender: news@cs.rose-hulman.edu (The News Administrator)
- Nntp-Posting-Host: rosevc.rose-hulman.edu
- Reply-To: mgrthh@HYDRA.ROSE-HULMAN.EDU
- Organization: Rose-Hulman Institute of Technology
- References: <1992Jul22.113259.1@utxvms.cc.utexas.edu>
- Date: Wed, 22 Jul 1992 19:54:49 GMT
- Approved: wccmod@nextwork.rose-hulman.edu
- Lines: 30
-
- In article <1992Jul22.113259.1@utxvms.cc.utexas.edu>, ccdk001@utxvms.cc.utexas.edu writes:
- >[...]
- >I have an installed privileged application that I want executed during the
- >login process, but I don't want users to be able to execute it directly.
- >It does "things" based on an assumed state of that process/environment at
- >that time particular time. Allowing users to change their environment
- >(logical names, devices, etc.) and then rerunning this image could be
- >a problem in some instances.
- >[...]
- >++ Dave
-
- I'm thinking that a fairly simply solution would be to do the following:
-
- 1. Create an identifier (like SYLOGIN_DONE), NOT dynamic.
- 2. Set the protection W:E and the ACE
- (IDENT=SYLOGIN_DONE, ACCESS=NONE)
- on the image.
- 3. Inside the image, (requires CMKRNL, but it's a safe system service)
- issue the $GRANTID system service to grant the identifier to the
- process. The image would have to be installed, of course, but
- that's fairly simple.
-
- There may be an easier solution that I'm missing, but this should work.
-
- - Tom
- --
- Tom Hopson thomas.h.hopson@rose-hulman.edu
- VMS Manager mgrthh@rosevc.rose-hulman.edu
- Rose-Hulman Inst of Tech,
- Terre Haute, IN
-