![]() |
Software > OpenVMS Systems > Ask the Wizard ![]() HP OpenVMS Systemsask the wizard |
![]() |
The Question is: How can a user with the impersonate privilege use it to take over another UIC ? The Answer is : The OpenVMS Wizard is not in a position to discuss the particulars of how privileges can be misused -- suffice it to say that the IMPERSONATE privilege (formerly known as the DETACH privilege) is documented and is expected to allow a user to access the files and the objects owned by any other user, and thus IMPERSONATE is an all-powerful privilege. The IMPERSONATE privilege is equivilent to other heavy privileges such as the PHY_IO and SETPRV; any "all-class" privilege can be directly (mis)used to gain full OpenVMS system access.
|