Try doing a "POVF" and reporting what is
there. Also type "WHAT".
POVF gives me:
POVF
4585- 4585 : 1 46976- 46980 : 5 46982- 46990 : 9
46994- 46999 : 6 47040- 47077 : 38 47084- 47088 : 5
-- Many more lines deleted for brevity - I can send off-list if useful --
51330- 51669 : 340 51671- 52227 : 557 52229- 52340 : 112
52342- 52351 : 10 52353- 74623 : 22271
ADDITIONAL FRAMES : 826
TOTAL NUMBER OF AVAILABLE FRAMES : 26139
WHAT gives me:
WHAT
00:04:08 23 SEP 1988 MAXUSERS [8]
CURRENT # USERS [1]
CORE LINES PROCESSES PCB0 WSSTART WSSIZE SYSBASE/MODULO MAXFID OVRFLW
512K 8 9 768 1056 127 4485 27 74623 26139
GROUP AND EXECUTION LOCKS (LOCK-PROCESS)
*000 000300 FF20 121.000 121.1BC 166.586
005 0003A0 BF00 170.06A 170.0B4
007 0003E0 BF00 170.06A 170.0B4
008 000400 BF00 170.06A 170.13C
THE SPOOLER IS INACTIVE.
PRINTER # 0 IS SERIAL AND INACTIVE.
THE PRINTER IS RUNNING ON PROCESS 7.
ASSIGNED OUTPUT QUEUES: 0.
THE NUMBER OF INTER-JOB PAGES TO EJECT IS 0.
PRINTER # 1 IS SERIAL AND INACTIVE.
THE PRINTER IS RUNNING ON PROCESS 5.
ASSIGNED OUTPUT QUEUES: 1.
THE NUMBER OF INTER-JOB PAGES TO EJECT IS 0.
Thanks for the other warnings and hints...
The system really is not that insecure, as there was and is the
issue of how secure a software system can be without the
encryption that is integrated into laptops today, if you have
physical access to the machine. And the only place the
exploit you pulled can happen is on the console, so if you
secured the console and the connection and the machine,
you were okay. And it was not feasible to be more secure,
as in encrypting everything, back then.
Agreed - now that I'm into it, I've found a "whole bunch" of
accounts which have no passwords and can get to a shell.
Several of them with "high privilege"... But if these accounts
were either removed or properly password protected, they
would not present the gaping hole in security that I
exploited.
Btw, why could this exploit not happen on another port or
the dial-in line ... Are the various system accounts (BACKUP
etc.) not accessible from all the ports (I tried from PORT-1
and it worked) - Does the BREAK interrupt not work from
a dial-up line? -- Just curious as to why this "hole" would
not be accessible from a more remote terminal.
When you get a Dave account, try the following Hello
world program:
CREATE-FILE MYBP
ED MYBP HELLO
if the above works, you are cooking.
Well... I used CREATE-ACCOUNT to create a DAVE
account - It asked me 4-5 rather terse/cryptic questions to
which I accepted the defaults. This created an account
which I could log in to, however
CREATE-FILE advises me that I do not have sufficient
privilege to use this command!
So I decided to try from the GAMES account since it lets
me get to a TCL prompt, and does not appear to be a
privileged account.
'CREATE-FILE MYBP' results in this error message:
CREATE-FILE MYBP
[416] RANGE ERROR IN MODULO PARAMETER.
Looks like it wants a parameter of some kind - tried
'CREATE-FILE MYBP 10' and got the same result, and
don't want to try too much else without knowing what
I'm actually doing - going to see if I can pick up a PICK
book or docs .... But if you can suggest resolutions to
the above (i.e.: How to create an account where you can
make files, and how to actually create the file)... that
would be helpful, as I agree that a "safe" account for
experimentation would be a good idea.
On the more positive side, I believe I have successfully
created two SYSGEN tapes - they can be booted (and it
works), but I have not tried performing an actual restore
from them ...
I am glad all of you seem to be okay with this, I was
offering to shut up if not. Sounds like we need to get a
Pick machine up somewhere for all to play on :-)
We are supposed to be getting high-speed wireless access in my
area within the next month or two ... If it works reliably (big if), I am
hoping to get a server set up here eventually which I can use to
make various classic systems available for on-line demos.. The
Mentor would be a good candidate - but given your warnings about
three-character death incantations, I don't know that I would make
the privileged users generally available...
Dave
--
dave06a (at)    Dave Dunfield
dunfield (dot)  Firmware development services & tools: www.dunfield.com
com             Collector of vintage computing equipment:
                http://www.parse.com/~ddunfield/museum/index.html