Some TANDEM supplied programs, e.g. SAFECOM, SCF etc. allow the user to start a new program through a RUN command from within e.g. SAFECOM. The RUN feature is intended to makes the use of the tools easier. But this feature might be a security problem: In case e.g. SAFECOM runs with the SUPER.SUPER ID, any program, started through SAFECOM by the RUN command, executes with the SUPER-ID.
Controlling the RUN-ability of Tandem supplied programs is demanded since a long time.
The library code RUNCTRL (RUN Control) is able to control all RUN commands, initiated from within any program (Tandem supplies, as well as user written).
To control the RUN command, the library RUNCTRL has to be bound to the program(s), where the RUN command should be controlled. It intercepts the three procedure calls:
- PROCESS_CREATE_
- NEWPROCESS
- NEWPROCESSNOWAIT
and checks the following three parameters:
- The program, executing the RUN command (Originator), e.g. SAFECOM, SCF etc.
- The user of the program, executing the RUN command (User)
- The resource that has to be started by the RUN command (NewProgram), e.g. EDIT, FUP etc.