|
HP OpenVMS Systemsask the wizard |
|
The Question is: Is there a way to audit the set UIC command? Generally I know the answer is no. But is there an alternate route, like a CLD change in the set.cld and mcrset.cld definition files or some such work around. Thanks The Answer is : Enable auditing of the use of CMKRNL privilege, or remove the privilege. Untrusted users with CMKRNL privilege are, of course, fully and completely privileged -- the SET UIC command is the least of the problems that can be caused by such users. If an unreliable and insecure approach is acceptable, remove the command verb from the command tables. Given the complete system access permitted by CMKRNL, there are other ways -- not the least of which involves direct modification of kernel-mode data structures -- which can cause security-relevent exposure.
|