old school security (was: IMS 5000 system password filed cracked)
tpeters at mixcom.com
Sun Apr 22 19:47:05 CDT 2007
In TSS/8, there was an IOT ("WHO") that would return the current user's
username AND password in Rad50. It was simple to walk up to a terminal
someone had stepped away from for a few seconds, deposit a few values
from the command line, jump to it, examine the results, and walk away with
the values for later decoding to alphanumeric (ascii) characters.
The TSS/8 o/s at UWM (Milwaukee) was extensively rewritten, in part to
close those gaps. I don't know if it was Dick Bartlein or Sam Milosevich or
other folks (Al would probably know). They gave it real security, replacing
the WHO IOT with (I think) a LOGIN IOT.
They also made it refuse a login request unless you prefaced it with ^B.
That character would always break through to the o/s even if a program was
running, and prevented a form of trojan horse, wherein you could write a
simple program that would simulate the login prompts, capture your
username/password, stash it in a file, and silently log out. If you
attempted a login with that sort of trojan running, the o/s would intercept
the attempt, prevent the trojan from seeing any characters, and respond
?ALREADY LOGGED IN
At 06:16 PM 4/22/2007 -0600, you wrote:
>In article <462BF461.4090406 at compsys.to>,
> "Jerome H. Fine" <jhfinedp3k at compsys.to> writes:
> > On the other hand, I suspect that the actual clear text of
> > the userid / passwords should never have been stored in a
> > file in the first place. If that is what you described (based
> > on what you specified above), that was a VERY serious error
> > in the security of the system. [...]
>Lots of systems made that error. For instance, RSTS/E stored the
>passwords in cleartext and you could list them out if you were a
>privileged (1,*) user. I discovered that when you submitted a batch
>job through the @ processor, it ran as user batch on account (1,2).
>So it wasn't too hard to submit a batch job that ran the ACCOUN
>program to list out the passwords.
>"The Direct3D Graphics Pipeline" -- DirectX 9 draft available for download
> Legalize Adulthood! <http://blogs.xmission.com/legalize/>
784. [Kindness] Kind words do not cost much. Yet they accomplish much.
--... ...-- -.. . -. ----. --.- --.- -...
tpeters at nospam.mixcom.com (remove "nospam") N9QQB (amateur radio)
"HEY YOU" (loud shouting) WEB: http://www.mixweb.com/tpeters
43° 7' 17.2" N by 88° 6' 28.9" W, Elevation 815', Grid Square EN53wc
WAN/LAN/Telcom Analyst, Tech Writer, MCP, CCNA, Registered Linux User 385531
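As an added example (not code from the original post, nor from TSS/8), here is a small RADIX-50 packer/unpacker for 12-bit PDP-8 words, to make the point that the "WHO" result was merely an encoding of the username and password, not any kind of protection: anyone holding the examined words could recover the cleartext with a fixed table. It assumes two base-40 characters per 12-bit word and DEC's standard RADIX-50 table (space, A-Z, $, ., an unused slot, 0-9); the exact table TSS/8 used is not given in the post. The sample words are constructed, not values from a real system.

```python
# Added example, not from the original post: pack/unpack DEC RADIX-50 text
# in 12-bit PDP-8 words. Assumptions: two base-40 characters per word and
# the standard DEC RADIX-50 table; TSS/8's exact table is not stated above.

# Standard DEC RADIX-50 table: 0 = space, 1-26 = A-Z, 27 = $, 28 = .,
# 29 = unused in DEC's table (shown as '%' as some implementations do),
# 30-39 = digits 0-9.
RAD50_CHARS = " ABCDEFGHIJKLMNOPQRSTUVWXYZ$.%0123456789"
CHARS_PER_WORD = 2  # 40**2 = 1600 fits in a 12-bit word (max 4096)


def rad50_decode_word(word: int) -> str:
    """Unpack one 12-bit word into its two characters."""
    if not 0 <= word < 40 ** CHARS_PER_WORD:
        raise ValueError(f"not a valid RADIX-50 word: {word:o} (octal)")
    hi, lo = divmod(word, 40)
    return RAD50_CHARS[hi] + RAD50_CHARS[lo]


def rad50_encode_word(pair: str) -> int:
    """Pack up to two characters (space-padded on the right) into one word."""
    pair = pair.upper().ljust(CHARS_PER_WORD)
    if len(pair) != CHARS_PER_WORD:
        raise ValueError("at most two characters per word")
    value = 0
    for ch in pair:
        idx = RAD50_CHARS.find(ch)
        if idx < 0:
            raise ValueError(f"character {ch!r} not representable in RADIX-50")
        value = value * 40 + idx
    return value


def rad50_decode(words) -> str:
    """Decode a sequence of words, dropping the trailing space padding."""
    return "".join(rad50_decode_word(w) for w in words).rstrip()


def rad50_encode(text: str) -> list:
    """Encode text into a list of 12-bit words, two characters per word."""
    return [rad50_encode_word(text[i:i + CHARS_PER_WORD])
            for i in range(0, len(text), CHARS_PER_WORD)]


# Constructed sample: three words as they might be read back in octal
# from a front panel or an examine command. Not real TSS/8 data.
SAMPLE_WORDS = [0o1533, 0o0332, 0o2317]

if __name__ == "__main__":
    name = rad50_decode(SAMPLE_WORDS)
    octal = " ".join(f"{w:04o}" for w in SAMPLE_WORDS)
    print(f"words {octal} decode to {name!r}")      # prints 'USER01'
    assert rad50_encode(name) == SAMPLE_WORDS         # round-trips
```

The decoder is a table lookup and two divisions per word, which is the whole reason cleartext credentials in RADIX-50 (or in any plain file, as the RSTS/E ACCOUN anecdote above shows) offered no secrecy; the fix was never a better encoding but not storing or returning the password at all.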