[HECnet] Anonymous FAL (Tops-20)

Thomas DeBellis tommytimesharing at gmail.com
Fri Jul 5 11:57:53 PDT 2019 

Yes, clearly one couldn't hope to cross compile the MACRO-11 to a PDP-10 
processor.  Those are indeed vastly different duchies...

It was the BLISS NICE code that I was thinking about.  DEC was really 
pushing to have all development done in that high level systems 
programming language (they had picked up about C) in the 1980's.  There 
was some amount of interchange between the platforms--corporate was 
really on about it.  However, there was significant engineering push 
back, if for no other reason that nobody in their right mind who was 
halfway decide at MACRO-10 would be caught dead using BLISS.  It was 
just too easy to outperform.

That's too bad about sources; DEC used to be quite open about them, 
under the mistaken belief that they were a hardware company.  So 
DECsystem-10's came with Tops-10 source and were much modified.  Ditto 
TSS-8 and OS-8 for the 8/I and 8/E.  For Tops-20, the sources cost 
$20,000, which might be something like $60,000 today.  So not as many 
sites had them.  We did as did WPI, MIT, Standford, CMU, CWR and many 
others.

At one point, I do remember seeing certain VMS sources, but I don't 
recall the context.  It might have been when I was still with DEC.  I 
guess you can't even threaten to pay them to get any, huh?  Bummer...

> ------------------------------------------------------------------------
> On 7/4/2019 2:48 PM, Johnny Billquist wrote:
>
> The one annoying detail of the account system in TOPS-20 is that user 
> disk quotas are on a per directory basis. So you have to manually move 
> your disk quota around for your subdirectories.
>
> I doubt you could lift any of the RSX or VMS DECnet code over to 
> TOPS-20. The RSX code is mostly MACRO-11, and the VMS DECnet code is 
> rather closely integrated into VMS in general, I seem to have observed.
>
> Also, no, VMS hobbyist license do not get you any sources.
>
>   Johnny
>> ------------------------------------------------------------------------
>> On 2019-07-04 04:01, Thomas DeBellis wrote:
>>
>> Tops-20 is vastly different from Unix (and I believe also VMS) as to 
>> how it manages user ids and accounts.  Parts of the authentication 
>> paradigm are very tightly woven into the the file system.  Briefly,
>>
>>   * A user id is a login-able directory (I.E., one that doesn't have
>>     apassword and is not set FILES-ONLY).  In addition to basic OS
>>     restrictions which prevent you from viewing file system meta-data
>>     unless you have appropriate authorization, an access control job
>>     (ACJ) is layered on top of this which can even restrict
>>     privileged users.
>>   * Accounts are either validated out of a binary accounting file in
>>     monitor space (which is compiled from ASCII source) or via the
>>     ACJ.     Accounts can have multiple users or systems processes
>>     (such as spoolers) creating billing records. Users can switch
>>     between accounts on a per-job, per-fork and intra-program basis
>>     (a program can decide to bill certain portions of its activity to
>>     different accounts).
>>   * The obvious benefit is that there is no password file to attack
>>     or steal and you can't even tell that there is an accounting
>>     file; probing passwords is monitored and a certain amount of
>>     intervention is done.  It is /extremely/ fast. No /etc/passwd to
>>     grovel.
>>
>> However, a deleterious side-effect is that once an id is created, it 
>> can be used for _anything_, including online interactive login.
>>
>> On a PANDA monitor, is possible to specify a user id as FTP-ONLY, but 
>> neither the supplied 5 series ACJ nor the EXEC do anything with it.  
>> Historically, the Tops-20 FTP server implemented ANONYMOUS usage by 
>> parsing for the login user atom ANONYMOUS and then swallowing 
>> anything for the password (what was typically supplied was an email 
>> addresses). This was then hardwired into a local id.
>>
>> Artifacts of this still exist in certain browers.  Guess who supplies 
>> IEUSER@ as the email address password for ANONYOUS usage?
>>
>> I recall that this is the approach that we had to use with Tops-20 
>> FAL.  The Extended  Mode FTP server that I wrote is configurable via 
>> a file to specify the underlying id and password.  More 
>> productization would probably including having the ACJ enforce 
>> FTP-ONLY on LOGIN% or CRJOB% and having the EXEC parse for and 
>> display FTP-ONLY.  Probably about two weeks' part time work as I 
>> recall.  Might have to consider Batch policy.
>>
>> One approach here could be to lift the ANONYMOUS code out of EFTPSR 
>> and drop it into FAL and then do the changes to the ACJ and EXEC. I'm 
>> just surprised none of the HECnet Tops-10 or Tops-20 nerds have done 
>> it (there is some commonality in some of the sources).
>>
>> Since Tops-20 has a BLISS compiler which implements BLISS COMMON (my 
>> first training at DEC as an employee was to write code that would 
>> cross compile under VMS, RSX, Tops-10 and Tops-20).  I think it might 
>> be useful to review some of the VMS DECnet source, if any of that is 
>> available.  It might be possible to lift some functionality, which 
>> could be fun.
>>
>> Does the VMS hobbiest license get you source code?
>>> ------------------------------------------------------------------------
>>> On 7/3/2019 7:21 PM, Johnny Billquist wrote:
>>>
>>> VMS, as someone else mentioned, have a default account for FAL.
>>>
>>> RSX does not have that.  However, you can use proxy access in RSX to 
>>> achieve something similar.  Enable incoming and outgoing proxy, and 
>>> define a default account that incoming requests should be using that 
>>> way.
>>>
>>> If TOPS-20 can do this I don't know.  But it's a suggestion for 
>>> something else/more to check.
>>>
>>>   Johnny
>>>> ------------------------------------------------------------------------
>>>> On 2019-07-03 14:15, Thomas DeBellis wrote:
>>>>
>>>> I have some software that I'd like to post, but don't recall how to 
>>>> configure FAL to allow for an anonymous connection; to download 
>>>> from a restricted directory.
>>>>
>>>> I know how to do it for the FTP server (seeing as I wrote it), but 
>>>> ... different code base.
>>>>
>>>> I can only vaguely remember what we did for CCnet at Columbia 
>>>> University in the 1980's, but I think it was kind of a hack.
On 7/4/2019 2:48 PM, Johnny Billquist wrote:
> The one annoying detail of the account system in TOPS-20 is that user 
> disk quotas are on a per directory basis. So you have to manually move 
> your disk quota around for your subdirectories.
>
> I doubt you could lift any of the RSX or VMS DECnet code over to 
> TOPS-20. The RSX code is mostly MACRO-11, and the VMS DECnet code is 
> rather closely integrated into VMS in general, I seem to have observed.
>
> Also, no, VMS hobbyist license do not get you any sources.
>
>   Johnny
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sonic.net/pipermail/hecnet-list/attachments/20190705/9e83d79e/attachment.html>

More information about the Hecnet-list mailing list