From: SMTP%"RELAY-INFO-VAX@CRVAX.SRI.COM" 7-FEB-1994 09:26:30.29 To: EVERHART CC: Subj: Re: INQUIRE vs. READ X-Newsgroups: comp.os.vms Subject: Re: INQUIRE vs. READ Message-Id: <8370036@zl2tnm.gen.nz> From: don@zl2tnm.gen.nz (Don Stokes) Date: 6 Feb 94 13:05:19 GMT Sender: news@zl2tnm.gen.nz (GNEWS Version 2.0 news poster.) Distribution: world Organization: The Wolery Lines: 44 To: Info-VAX@CRVAX.SRI.COM X-Gateway-Source-Info: USENET kieffer@ACS.UCALGARY.CA writes: > I have been charged with trying this 'feature' out while checking > security on an important VAX, but so far I have not succeeded. Is > there anyone in this group who could help? Well, some of my favourite tricks include turning verify on with: 'f$verify(0)' in the INQUIRE input line. This often gives useful clues as to how to break the procedure. Once you know how the procedure ticks, you can do things like: 'f$pid(if)' which creates a context symbol called "IF", which in turn, uh, interferes with the normal operation of the DCL IF statement. The real gotcha to look out for though is symbol subtitution, eg: $ READ SYS$COMMAND filename/PROMPT="File to view: " $ TYPE 'filename' If you feed into this: File to view: @TT: _$ NL: _$ you have just broken the commmand file -- and the lovely part about this is that since it's still running a command procedure (it happens to be the terminal, but it's still a command procedure), the CAPTIVE flag won't help a bit. The "correct" thing to do in this case is to either make _absolutely_ _certain_ that you know what's being fed into single quote substitution, or use the '&' operator, which is parsed after the command is parsed, eg: $ READ SYS$COMMAND filename/PROMPT="File to view: " $ TYPE &filename -- Don Stokes, Network Manager, Victoria University of Wellington, New Zealand. don@zl2tnm.gen.nz(home) don@vuw.ac.nz(work) +64 4 495-5052 Fax+64 4 471-5386