NoCTACL

TACL, lacking the interface to $CMON

Dear GreenHouse tool users,

some of you may believe - or be made to believe by so called experts - that $CMON is a quality security base of your NSK system which you can rely on. The bad news is, and always was: It never was and still is not!

$CMON became invented in the 197x time frame, when COMINT was the interactive interface into a Tandem system. Its intention was to have a kind of first level control over a user, e.g. to deny commands (such as ALTPRI), to control the start of a resource, or to translate command abbreviations into real commands (COMINT did not know about macros etc.).

The $CMON interface was carried forward with TACL.

Since SAFEGUARD exists - and that is since 1985 - there is no good reason for using $CMON left. Even the load balancing can easier and much more efficiently be accomplished by using the GreenHouse ShareWare product LAUNCHER.

And here are the reasons why $CMON is NOT a security base you can rely on:

  1. $CMON gets only involved from a standard TACL.
    Even worse: A TACL object file can easily be manipulated in a way, that the $CMON interface is disabled, allowing a complete bypassing of measures provided by a running $CMON process.
  2. GUARDIAN procedure calls used in applications other than TACL, such as
    User_Authenticate_
    AltPri
    etc.

are NOT seen by $CMON at all!
This means: When you do not like to get $CMON involved in your activities - write your own small command interpreter - or use the tools explained below.

To demonstrate the weakness of $CMON, I have prepared a TACL object in a way, that it no longer talks to $CMON and bypasses all $CMON actions.

HP-NonStop Security

Secure your HP-NonStop system with security software and privileged system products and tools from GreenHouse Software & Consulting