From:   CSBVAX::MRGATE!KARNEY%PPC.MFENET@NMFECC.ARPA@SMTP  1-MAY-1988 14:59
To:     ARISIA::EVERHART
Subj:   Final (?) update on the security patch problem with BOSS:

Received: from ppc.mfenet by ccc.mfenet with Tell via MfeNet ;
          Sat, 30 Apr 88 08:50:32 PDT
Date:     Sat, 30 Apr 88 08:50:32 PDT
From: KARNEY%PPC.MFENET@NMFECC.ARPA
Message-Id: <880430085032.21200215@NMFECC.ARPA>
Subject: Final (?) update on the security patch problem with BOSS:
To: Everhart%Arisia.decnet@ge-crd.arpa
Comment: From KARNEY@PPC.MFENET on 30-APR-1988 11:45:55.23 EDT

Final (?) update on the security patch problem with BOSS:

Background:

There is a problem with BOSS on systems which have installed the recent
(March/April 1988) DEC security patch to VMS 4.7.  The symptom is that
BOSS quits with an "insufficient privilege" error when you first try to
start a process under BOSS.  The problem is that allocation of the pseudo
TTYs requires read access, something which BOSS had by default before the
patch.

Solution:

The recommended fix is to patch the pseudo TTY driver so that pseudo TTYs
are world readable.  Here is the suggested change from Tony Cook, ORAC
Ltd, Leeds England (modified slightly to reflect the version of PTY that
I've been sending out to people):

----------------------------------------------------------------
From: ORG5NMC@CMS1.UCS.LEEDS.AC.UK
Subject: Fix for PTY driver
Date: April 25, 1988

DEC's recent SECURITY UPDATE V2 patch has broken the CMU/Hughes PTY pseudo
terminal driver.  The patch to TTDRIVER.EXE has changed the default device
protection for cloned devices (e.g. VTAn virtual terminals).  Thus the
pseudo terminal device TPAn: receives the totally useless device
protection of [S:WRLP O: G: W:].  It used to be
[S:WRLP O:WRLP G:WRLP W:WRLP].

This can be cured by adding two lines to TPDRIVER.MAR in the device UCB
initialisation procedure TP$INITLINE, AFTER default UCB initialisation is
done.  Thus:

Before ...

        MOVL    UCB$L_TT_CLASS(R5),R1   ; Address class vector table
        JSB     @CLASS_SETUP_UCB(R1)    ; Init ucb fields

        bisw    #TTY$M_PC_NOTIME, -
                UCB$W_TT_PRTCTL(r5)     ; Class driver not to time out

20$:    BBC     #UCB$V_POWER,UCB$W_STS(R5),40$  ; Powerfail handler

After ...

        MOVL    UCB$L_TT_CLASS(R5),R1   ; Address class vector table
        JSB     @CLASS_SETUP_UCB(R1)    ; Init ucb fields

;; Next two lines from ORG5NMC@CMS1.UCS.LEEDS.AC.UK (Tony Cook) 25-APR-1988.
;; This is supposed to fix a problem introduced by a DEC security patch.
        MovL    Ucb$L_Orb(R5), R0       ; Get Object Rights Block
        ClrW    Orb$W_Prot(R0)          ; Restore device protection

        bisw    #TTY$M_PC_NOTIME, -
                UCB$W_TT_PRTCTL(r5)     ; Class driver not to time out

20$:    BBC     #UCB$V_POWER,UCB$W_STS(R5),40$  ; Powerfail handler

Tony Cook (ORAC Ltd LEEDS England)
----------------------------------------------------------------

    Charles Karney
    Plasma Physics Laboratory   Phone:   +1 609 243 2607
    Princeton University        MFEnet:  Karney@PPC.MFEnet
    PO Box 451                  ARPAnet: Karney%PPC.MFEnet@NMFECC.ARPA
    Princeton, NJ 08543-0451    Bitnet:  Karney%PPC.MFEnet@ANLVMS.Bitnet

[Distribution to more than ten people]
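
The protection change described in the messages above, as an added example that is not part of either original message or of the PTY driver: a Python decoder for the 16-bit protection word that ClrW Orb$W_Prot(R0) clears, so the access each setting grants can be compared. The nibble layout and the set-bit-denies rule are assumed from the standard VMS protection mask convention, and READ_ONLY is a constructed comparison value that has not been tested with BOSS or the driver.

```python
# Added example: decode a VMS 16-bit device protection word (ORB$W_PROT).
# Assumed layout (standard VMS convention): four 4-bit fields, System in the
# low nibble, then Owner, Group, World; a SET bit DENIES that access.
CLASSES = ("S", "O", "G", "W")
DENY_BITS = {"R": 0x1, "W": 0x2, "L": 0x4, "P": 0x8}  # L/P = logical/physical I/O
PAGE_ORDER = "WRLP"  # letter order used in the message above


def decode(prot):
    """Map each class to the set of access letters the word grants."""
    if not 0 <= prot <= 0xFFFF:
        raise ValueError("protection word must fit in 16 bits")
    return {
        cls: {a for a, bit in DENY_BITS.items() if not (prot >> 4 * i) & bit}
        for i, cls in enumerate(CLASSES)
    }


def encode(granted):
    """Build a protection word from {class: granted letters}; the rest is denied."""
    prot = 0
    for i, cls in enumerate(CLASSES):
        allowed = granted.get(cls, "")
        denied = sum(bit for a, bit in DENY_BITS.items() if a not in allowed)
        prot |= denied << (4 * i)
    return prot


def show(prot):
    """Render the word in the bracketed notation used in the message."""
    g = decode(prot)
    return "[" + " ".join(
        cls + ":" + "".join(a for a in PAGE_ORDER if a in g[cls]) for cls in CLASSES
    ) + "]"


def excess(prot, cls="W", needed="R"):
    """Access letters granted to a class beyond what is stated as needed."""
    return sorted(decode(prot)[cls] - set(needed))


POST_PATCH = 0xFFF0   # constructed from the page: [S:WRLP O: G: W:]
AFTER_CLRW = 0x0000   # what ClrW Orb$W_Prot(R0) leaves in the word
# Constructed comparison value, not tested with BOSS or the PTY driver:
READ_ONLY = encode({"S": "RWLP", "O": "R", "G": "R", "W": "R"})

if __name__ == "__main__":
    for name, word in [("post-patch", POST_PATCH), ("after ClrW", AFTER_CLRW),
                       ("read-only", READ_ONLY)]:
        print(f"{name:10} {word:#06x} {show(word)} world excess: {excess(word)}")
```

The excess() column lists what world holds beyond the read access the background section names as the requirement.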