I bet you I can write to the VOC unless I do not have write permissions to the file.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Joslyn Sent: Friday, 17 October 2008 1:45 a.m. To: u2-users@listserver.u2ug.org Subject: RE: [U2] Universe Triggers That's really REALLY (I swear!) not true. Even if you can do stuff to the VOC, if you put the verbs into the remote VOC and lock that up, you can ABSOLUTELY prevent unauthorized TCL command usage. You can't copy a VOC command and make it work to bypass the wrapped one in the remote voc. Honestly, you really can't. I can explain in more detail how I did it for PRC if you like - but there are plenty of ways to do it - just read up on the remote VOC. Susan Date: Wed, 15 Oct 2008 13:40:20 +0100 From: Anthony Youngman <[EMAIL PROTECTED]> Subject: RE: [U2] Universe Triggers But IF you can update VOC, you CAN bypass remote voc, which is what David said! As part of your security you need to make sure that users CAN'T update VOC (which is rather harder than it seems at first glance). Cheers, Wol - -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Joslyn Sent: 15 October 2008 12:36 To: u2-users@listserver.u2ug.org Subject: RE: [U2] Universe Triggers David, With the use of remote voc you really can prevent by-pass of "wrapped" TCL commands. Completely, unequivocably. Regards, Susan Joslyn SJ+ Systems Associates, Inc. PRC(r) Real software configuration management for U2! - ------------------------------ Date: Wed, 15 Oct 2008 08:26:00 +1100 From: "Hona, David S" <[EMAIL PROTECTED]> Subject: RE: [U2] Universe Triggers You can by-pass them if you can update the VOC. - ------- ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/ ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
