INFO-VAX Tue, 24 Apr 2007 Volume 2007 : Issue 223 Contents: Re: DCL Magic? Re: Guidelines for converting programs to ODS-5? Re: If you live in California, get out now! (Part 2) Re: If you live in California, get out now! (Part 2) Re: If you live in California, get out now! (Part 2) Re: If you live in California, get out now! (Part 2) Re: looking for up-to-date LaTex etc for VMS Re: Mysterious BUGCHECK while booting 7.3-1 on DEC2000 Re: Oracle 10.2.0.2 Standard Edition available for VMS Re: Oracle 10.2.0.2 Standard Edition available for VMS Re: Oracle 10.2.0.2 Standard Edition available for VMS Re: Oracle 10.2.0.2 Standard Edition available for VMS Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? Re: Still no TFTP client? VMS 8.2 VMSINSTAL Bug with RUN_IMAGE Persists? Re: VMS Alpha to Itanium port Re: VMS Alpha to Itanium port Re: VMS Alpha to Itanium port Re: VMS Alpha to Itanium port Re: [OT] If you live in California, get out now! (Part 2) Re: [OT] If you live in California, get out now! (Part 2) Re: [TCPIP V5.6] Comment lines in tools (like FTP) Re: [TCPIP V5.6] Still no TFTP client? ---------------------------------------------------------------------- Date: 23 Apr 2007 15:32:56 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: DCL Magic? Message-ID: <8He5hU9PRrx0@eisner.encompasserve.org> In article <00A66925.7CDCDCF9@SendSpamHere.ORG>, VAXman- @SendSpamHere.ORG writes: > > What happens when a program called SYS$SETDDIR() and then drops out to > DCL where the default was set in the program? The same as when they use "set default" instead of the .COM file. But then I never did like path names taking up 80% of my command line. ------------------------------ Date: 24 Apr 2007 00:37:00 -0500 From: wb8tyw@qsl.network (John E. Malmberg) Subject: Re: Guidelines for converting programs to ODS-5? Message-ID: In article <45D10D9A.48AB8E09@spam.comcast.net>, David J Dachtera writes: > JF Mezei wrote: >> >> >> For adding ODS-5 feature access from a program, I've conditionally >> >> compiled my RMS code for VAX vs. other, using NAM vs. NAML. >> >> Note that an Alpha can have access to ODS2 disks as well. So an alpha >> executable shouldn't assume ODS5 for everything. >> >> Another reason why I keep suggesting that VMS should have a "make valid >> file name" function (perhaps an item code in SYS$PARSE) that would ensure >> the file name is converted to a valid form for the target disk depending on >> its structure. This way, programs could allow input of any file name, and >> use that service to convert the file name into a valid one for the target >> device. > > How do you convert it back? It would take a while to even come up with a list of all the popular ways to encode a UNIX file specification into a ODS-2 legal method, and many of the methods are one way. For example, if a program needs to open foo.bar.dat, a robust program could need to look for: foo^.bar.dat foo_bar.dat foo.bar_dat and even foo__46bar.dat foo.bar__46.dat Add in the trick of using the $ character to invert case that some conversions do, you have even more possibilities to search for. The last too encodings have been used by various versions of Pathworks, Advanced Server, and SAMBA, and are the only way that is reversible. And that is with out getting UNICODE into the picture. ODS-5 has at least two ways of encoding UNICODE file specfications. The method used by many OpenVMS applications such as Advanced Server is to encode them in VTF-7. ODS-5 also indirectly supports the method of encoding known as UTF-8, which is popular with UNIX programs. UTF-8 is structured so that existing UNIX string routines and file parsing algorithms would work with out modification. This introduces a problem with porting internationalized applications from UNIX to OpenVMS. VTF-7 encoded filenames can not be converted to UNIX format filenames at this time by the OpenVMS CRTL, so VTF-7 encoded filenames are not accessable to applications requiring UNIX syntax unless extra work is done. UTF-8 encoded filenames will be visible to applications that expect VTF-7, however they will be hex encoded, so may not be easy to understand. It is not hard to write a conversion routine to convert from VTF-7 to UTF-8, so that an application like ZIP can store the filename with out losing data. Creating the file with a UNICODE filename is a problem for programs like UNZIP. 1. The application or run-time library needs to know if it should encode the filename in VTF-7 or UTF-8. 2. The VTF-7 specification is coded into a table and may not be up to date with the current UNICODE standard. So while VTF-7 can be mapped to UTF-8, the reverse can not always be done. In the "blead" stream of Perl, there is some code that will deal with the UNICODE conversion issue. It is incomplete as it only deals with the translation one way. I do not know when or if I will be able to complete it. Other methods of doing ODS-2/ODS-5 conversions could include putting the ODS-5 name in as a ACE on the file. Keeping it up to date could be a challenge. For read-only distributions, there is an old CDROM convention that LINUX used to support where a data file with both the ISO legal name and the extended name were present, so that LINUX would show the long name. I do not know if that method is still supported by LINUX or was supported by other platforms. -John wb8tyw@qsl.network Personal Opinion Only ------------------------------ Date: 23 Apr 2007 17:30:42 -0700 From: AEF Subject: Re: If you live in California, get out now! (Part 2) Message-ID: <1177374642.499412.51680@p77g2000hsh.googlegroups.com> On Apr 23, 5:00 am, "Richard Brodie" wrote: > "AEF" wrote in message > > news:1177292050.770272.203480@q75g2000hsh.googlegroups.com... > > > Like I've posted twice already, it's "Thou shalt not murder". Capice? > > In more modern translations, sure; not in the King James though. So King James is wrong. AEF ------------------------------ Date: 23 Apr 2007 18:04:47 -0700 From: genius@marblecliff.com Subject: Re: If you live in California, get out now! (Part 2) Message-ID: <1177376687.820923.18640@y5g2000hsa.googlegroups.com> On Apr 23, 8:04 pm, c...@wvnvms.wvnet.edu (George Cook) wrote: > In article , Bill Todd writes: > > > > > > > Doc wrote: > > > ... > > > some > >> fruit-loop theologian postulated in the 70s that the seven headed monster > >> with ten horns was the European Union. > > > Wow - serendipity strikes again: that must be why their exchange rates > > aren't relevant to GDP comparisons - their devilish currency isn't > > acceptable in God's Country, hence has no value. > > > ... > > > They all appear to want to see the Earth and all unbelievers > >> wiped out > > > I'm afraid that I have to admit to feeling similarly about neocons > > (i.e., that the only good neocon is a dead neocon), and since the 1998 > > impeachment debacle I've been inclined to extend that sentiment to *all* > > Republicans (I'm certainly a fan of Lincoln's, but then he is > > indisputably a Republican of the dead persuasion) and more recently even > > to a lot of Democrats. > > > But if that puts me into the same category as the likes of boob, perhaps > > I'll need to reconsider that position. For that matter, it's never been > > one I've been all that comfortable with, but in times of war (and I do > > believe that we're at war with such aggressive incompetents, at least > > until they've been sufficiently beaten back not to constitute a > > continuing menace) sensibilities sometimes need to take a back seat. > > I suspected as much, but had avoided calling you a "hater" without > actual proof. But it is one of the reasons why I started using "boob" > in reference to you. You and boob are both haters who are so blinded by > your hate that you will say anything, twist any fact, ignore all evidence > to the contrary in order to make the other side look bad. > > I may be a lot of things, but I most definitely am not a hater. I > liked Clinton personally and would probably have had a good time > throwing back a few cold ones with him. I would never have considered > him to be a hater, but the latest crop of liberals in Congress are > mostly haters just like yourself. > > George Cook- Hide quoted text - > > - Show quoted text - the only thing I am a hater of is the same thing God is a hater off ... sin ... If I was a hater, why would I even bother posting any of this on here ... if I were a hater I would not try to get these lost people to think but just leave them lost and let them end up in hell ... you are a very poor judge of character! ------------------------------ Date: Mon, 23 Apr 2007 21:14:21 -0400 From: "Richard B. Gilbert" Subject: Re: If you live in California, get out now! (Part 2) Message-ID: <462D59ED.7000508@comcast.net> AEF wrote: > On Apr 23, 5:00 am, "Richard Brodie" wrote: > >>"AEF" wrote in message >> >>news:1177292050.770272.203480@q75g2000hsh.googlegroups.com... >> >> >>>Like I've posted twice already, it's "Thou shalt not murder". Capice? >> >>In more modern translations, sure; not in the King James though. > > > > So King James is wrong. > > AEF > Oh really? Some people believe that the King James Version is the ONLY English translation that may be regarded as "the inerrant Word of God". ------------------------------ Date: 23 Apr 2007 18:19:06 -0700 From: AEF Subject: Re: If you live in California, get out now! (Part 2) Message-ID: <1177377546.515062.62990@o5g2000hsb.googlegroups.com> On Apr 23, 9:04 pm, gen...@marblecliff.com wrote: > On Apr 23, 8:04 pm, c...@wvnvms.wvnet.edu (George Cook) wrote: > > > In article , Bill Todd writes: > > > > Doc wrote: > > > > ... > > > > some > > >> fruit-loop theologian postulated in the 70s that the seven headed monster > > >> with ten horns was the European Union. > > > > Wow - serendipity strikes again: that must be why their exchange rates > > > aren't relevant to GDP comparisons - their devilish currency isn't > > > acceptable in God's Country, hence has no value. > > > > ... > > > > They all appear to want to see the Earth and all unbelievers > > >> wiped out > > > > I'm afraid that I have to admit to feeling similarly about neocons > > > (i.e., that the only good neocon is a dead neocon), and since the 1998 > > > impeachment debacle I've been inclined to extend that sentiment to *all* > > > Republicans (I'm certainly a fan of Lincoln's, but then he is > > > indisputably a Republican of the dead persuasion) and more recently even > > > to a lot of Democrats. > > > > But if that puts me into the same category as the likes of boob, perhaps > > > I'll need to reconsider that position. For that matter, it's never been > > > one I've been all that comfortable with, but in times of war (and I do > > > believe that we're at war with such aggressive incompetents, at least > > > until they've been sufficiently beaten back not to constitute a > > > continuing menace) sensibilities sometimes need to take a back seat. > > > I suspected as much, but had avoided calling you a "hater" without > > actual proof. But it is one of the reasons why I started using "boob" > > in reference to you. You and boob are both haters who are so blinded by > > your hate that you will say anything, twist any fact, ignore all evidence > > to the contrary in order to make the other side look bad. > > > I may be a lot of things, but I most definitely am not a hater. I > > liked Clinton personally and would probably have had a good time > > throwing back a few cold ones with him. I would never have considered > > him to be a hater, but the latest crop of liberals in Congress are > > mostly haters just like yourself. > > > George Cook- Hide quoted text - > > > - Show quoted text - > > the only thing I am a hater of is the same thing God > is a hater off ... sin ... > > If I was a hater, why would I even bother posting any of > this on here ... if I were a hater I would not try to get these > lost people to think but just leave them lost and let them > end up in hell ... you are a very poor judge of character! Speaking of poor judgment, ... well, anyway... >----o----< Speaking of lost, I think you're in the wrong newsgroup! Which reminds me of Steven M. Schweda's brilliant remark from the great zip- misunderstanding thread: "Which news group is this? Am I lost?" (The true feel of the remark gets a bit lost in this context, unfortunately.) Bob, please go back to the CERT counts. Thanks! AEF ------------------------------ Date: 23 Apr 2007 15:34:34 -0400 From: Rich Alderson Subject: Re: looking for up-to-date LaTex etc for VMS Message-ID: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: > Does anyone have an up-to-date LaTeX, Metafont etc working on VMS? I can't answer for VMS specifically, but very little has been updated in LaTeX since the last century. What has been updated is the underlying TeX engines to handle, for example, Unicode input or direct PDF output--and none of these has been taken up as the Official Next Version of TeX. I do wonder why you bother with Metafont. We switched from using Metafont bitmaps to using Adobe Type 1 fonts in the 90s on Tops-20, since we could put the free AMS fonts (created by Blue Sky) on a LaserJet disk drive and never have to download them again. (Much smaller DVI files, and Ghostscript works fine with them even if you don't have PDF(la)tex on your system.) > My current distribution started off on the VMS freeware CD and was built > by Ralf Gärtner. At the time (1997 or so) there were a lot of people > still running LaTeX on VMS, including many gurus. (I suspect that > Lamport actually developed LaTeX on VMS; can anyone confirm this?) Is > there something similar today? I'm pretty sure that Lamport did his work on a DEC-20, since he was located immediately next to Stanford and DEK did all his TeX work in Pascal (=> Web) on SAIL, so 36-bit support was very easy to come by. -- Rich Alderson | /"\ ASCII ribbon | news@alderson.users.panix.com | \ / campaign against | "You get what anybody gets. You get a lifetime." | x HTML mail and | --Death, of the Endless | / \ postings | ------------------------------ Date: 23 Apr 2007 15:19:43 -0700 From: Rambo Subject: Re: Mysterious BUGCHECK while booting 7.3-1 on DEC2000 Message-ID: <1177366783.012046.92110@p77g2000hsh.googlegroups.com> > >> QVISION for example - which is what the system originally shipped with. > > > Yep, a 1024/E is coming my way, will try to run and fix it. > > One other thing to try is to run the ECU. The QVision is something that the > FW will recognize even if it is fully reset with no ECU run. Anything else > needs a valid ECU entry. It arrived, I put it in and behold! System switched into nice "framebuffer" OpenVMS Operator Console, and X started. http://rambo.id.uw.edu.pl/pic.php,DEC+2000+Model+300/vms-OperatorConsole.jpg,big,0,0 http://rambo.id.uw.edu.pl/pic.php,DEC+2000+Model+300/take2.jpg,big,0,0 Rambo ------------------------------ Date: 23 Apr 2007 11:51:24 -0700 From: R Boyd Subject: Re: Oracle 10.2.0.2 Standard Edition available for VMS Message-ID: <1177354283.952263.181690@p77g2000hsh.googlegroups.com> On Apr 23, 1:38 pm, "Malcolm Dunnett" wrote: > In case anyone but me cares: > > Oracle 10.2.0.2 Standard Edition is now available for > VMS on Alpha and Itanium. It's implemented by installing > Enterprise Edition first and then layering a patch on top > that disables EE only features. > > It's patch number 5918466 for Alpha and number > 5918474 for Itanium. Has 10gR2 been formally qualified on Alpha V8.3 yet? ------------------------------ Date: 23 Apr 2007 13:28:29 -0700 From: "johnhreinhardt@yahoo.com" Subject: Re: Oracle 10.2.0.2 Standard Edition available for VMS Message-ID: <1177360109.111750.125670@p77g2000hsh.googlegroups.com> On Apr 23, 2:51 pm, R Boyd wrote: > On Apr 23, 1:38 pm, "Malcolm Dunnett" > wrote: > > > In case anyone but me cares: > > > Oracle 10.2.0.2 Standard Edition is now available for > > VMS on Alpha and Itanium. It's implemented by installing > > Enterprise Edition first and then layering a patch on top > > that disables EE only features. > > > It's patch number 5918466 for Alpha and number > > 5918474 for Itanium. > > Has 10gR2 been formally qualified on Alpha V8.3 yet? Not quite yet - Certify - Additional Info Oracle Database - Enterprise Edition Version 10gR2 64-bit On HP Alpha OpenVMS Operating System: HP Alpha OpenVMS Version 8.3 Oracle Database - Enterprise Edition Version 10gR2 64-bit N/A Version N/A Status: Projected Product Version Note: None available for this product. Certification Note: Planned for Q2CY2007 ------------------------------ Date: 23 Apr 2007 13:59:32 -0700 From: "johnhreinhardt@yahoo.com" Subject: Re: Oracle 10.2.0.2 Standard Edition available for VMS Message-ID: <1177361972.563862.284800@n59g2000hsh.googlegroups.com> On Apr 23, 2:51 pm, R Boyd wrote: > On Apr 23, 1:38 pm, "Malcolm Dunnett" > wrote: > > > In case anyone but me cares: > > > Oracle 10.2.0.2 Standard Edition is now available for > > VMS on Alpha and Itanium. It's implemented by installing > > Enterprise Edition first and then layering a patch on top > > that disables EE only features. > > > It's patch number 5918466 for Alpha and number > > 5918474 for Itanium. > > Has 10gR2 been formally qualified on Alpha V8.3 yet? Not yet, but soon Certify - Additional Info Oracle Database - Enterprise Edition Version 10gR2 64-bit On HP Alpha OpenVMS Operating System: HP Alpha OpenVMS Version 8.3 Oracle Database - Enterprise Edition Version 10gR2 64-bit N/A Version N/A Status: Projected Product Version Note: None available for this product. Certification Note: Planned for Q2CY2007 ------------------------------ Date: Mon, 23 Apr 2007 17:54:15 -0400 From: Dave Froble Subject: Re: Oracle 10.2.0.2 Standard Edition available for VMS Message-ID: <462D2B07.6020809@tsoft-inc.com> Malcolm Dunnett wrote: > In case anyone but me cares: > > Oracle 10.2.0.2 Standard Edition is now available for > VMS on Alpha and Itanium. It's implemented by installing > Enterprise Edition first and then layering a patch on top > that disables EE only features. > > It's patch number 5918466 for Alpha and number > 5918474 for Itanium. > > -- David Froble Tel: 724-529-0450 Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc. 170 Grimplin Road Vanderbilt, PA 15486 ------------------------------ Date: Mon, 23 Apr 2007 13:01:11 -0500 From: Dan Foster Subject: Re: Still no TFTP client? Message-ID: In article <593qlbF2jre29U1@mid.individual.net>, Bill Gunshannon wrote: >> TFTP? In some places, folks don't have wheelbarrows of cash to junk >> otherwise functional (and locked down) devices. > > Like what? I certainly don't have "wheelbarrows of cash" and nothing I > have "requires" tftp. Heh. Not the case here. We have a fair number of older routers and switches from certain vendors that only speaks TFTP. For general security and job security reasons, I would prefer to not elaborate on make or models, so that's about as specific as I can get. But I'm sure you could easily find a bunch of them with a Google search if sufficiently curious. Why don't they support newer protocols? The vendors has lost interest in maintaining anything but security updates to them. For some of them, the hardware's NVRAM is too small to accommodate larger code loads even if vendors were interested. We are replacing them with newer hardware with much more capable software as part of routine maintenance and upgrade schedules... but until every single such device is off the network, we still need to maintain a TFTP server. When you run a network that literally spans the planet on almost every single continent, that does takes a while. :-) With that said, it hasn't been the scourge you seem to think it is. :-) It *can* be a scourge, but only if you have dimwit system and network admins whom don't know how to reasonably lock down things. We don't hire either type of people here as a routine matter of policy. Again, this is not my preferred choice of protocol for a number of reasons, but it's also something we can live with in the interim if reasonably configured and locked down -- and it is, here. The picture is better with the newer devices, of course. I do agree with the general recommendation that if sites has no TFTP-only devices, to run something better as well as try to employ devices that supports more robust protocols. -Dan ------------------------------ Date: 23 Apr 2007 18:22:54 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Still no TFTP client? Message-ID: <594brtF2j40hlU1@mid.individual.net> In article <462c852a@mvb.saic.com>, Mark Berryman writes: > Bill Gunshannon wrote: > [some text deleted] >>>> Other than through security by obscurity (ie. if I don't tell you >>>> I am running a tftp server you probably won't find it) how would >>>> you secure tftp? There's a reason why they call it "trivial". :-) >>> Using the Multinet TFTP server: >>> >>> 1. It only serves out the directory tree you specifically define for it >>> (a major issue with most Unix implementations). >> >> How so? I have never seen any tftp server on any Unix system that served >> up anything but the directory tree you set. > > Then you are somewhat limited in your experience. I have definitely > seen this many times and I expect you could find examples with a simple > web search. Granted, sometimes the issue was caused by a simple typo in > the configuration file (a typo that simple shouldn't open up your whole > system but that is a different issue). "A typo in a configuration file" is not a Unix problem. Or are you saying that if someone makes a typo in a VMS configuration file it could not cause a similar problem? > However, there are other times > that this is caused by this being the default configuration. The oldest version of tftpd that I have handy at the moment is Ultrix-11. There is no default directory. So somehow I think this was not really the problem. Sounds a lot more like another case of "incompetent sysadmin syndrome" which would affect any OS. > >>> 2. It can only read those files with World Read access. >> >> Probably because with no authentication there is no user or group. Duh... > > Hardly. NOTHING runs on VMS without an associated UIC. The server > simply enforces this documented restriction. Without world read access, > the TFTP server will not touch the file. Well, of course it does. As does the Unix equivalent. But in neither case does that UIC/uid identify the person on the other end of the client. Thus the reason for WORLD access. At least they try to add some security to it, even if not much. > >>> 3. It will only write to a file that already exists and has World Write >>> access. >> >> Which means either you can't write the files either or anyone can. One >> way is non-functional and the other a security hole. > > Again, hardly. You are assuming that the file must always be there and > always be world writable. Such is not the case. In one application I > have it works as follows: > > 1. Application creates necessary file. > 2. Application sends SNMP command to network device telling it to write > its config to this file name. > 3. Application waits for the TFTP operation to complete (via SNMP query) > then copies configuration to config directory. But that's not TFTP. That's some application that just happens to use TFTP to move files. Obviously trying to get create security where even they admit it doesn't exist. Of course, you could use real FTP and not have to Rube Goldberg a system. Seems like a strange use for SNMP as well. Would have made much more sense to just write your own client/ server application to do the job right. > > Think of having to know the name of the file being used here as being > the same as having to know the password to write to this account. Not a security model I would subscribe to, thank you. > > >>> 4. Limit the server to respond only to a defined set of hosts or subnets >>> (functionality built into the Multinet equivalent of inetd). >> >> Well, that's one plus, but what about spoofing? > > Can't be done. All of our routers are properly configured to prevent > spoofing and our network devices use addresses that are not legitimate > for a host (and, thus, are blocked by the anti-spoofing settings). So, again, you are using something else to make up for the security shortcomings of TFTP. A much better idea is don't use TFTP. :-) But then, if you have a machine on your network that can comunicate with the TFTP server another machine on your network can spoof that address. Oh, I see, you trust everybody on "the secure side" of the firewall. :-) All the additional security measures you can add will never equal up to just not using known, published, unsecure methods. >>> 5. Log all connections, both successful and rejected. >> >> Trying to lock the barndoor after the horse has run away. > > Hmm, are you trying to claim that security audits are useless? The log > files prove the fact that only legitimate TFTP requests are being > honored and we know when bogus TFTP transactions are being attempted and > we know where they are coming from and we know that they have been > successfully deterred. No, not worthless, but as I said in another post, reactive. It's much better to not give them a door to come in than to read the sign in sheet after tha fact and know that someone did get in. > >>> We have hundreds of network infrastructure devices on our network that >>> share only TFTP as the common download/upload protocol >> >> See above. If you can upload, so can anybody. How do you guarantee >> the integritry of the files? Do you use this for your configs? Might >> as well put them up on the local bulletinboard at the mall. > > See above. I can upload, but "anybody" can't. I gave one example of > why this is so. There are others. Well, yes, but as I said, your example isn't TFTP. It is an application that tries to wrap security around a broken protocol. If someone had to write the application in the first place they should have done it right and not used TFTP (or SNMP) at all. CLient/Server IP apps are not all that hard to write. Our students do it all the time. > >>> (although newer >>> devices do add support other protocols we cannot swap the older one out >>> just for that reason). We have supported out network devices with TFTP >>> servers configured as above for many years without issue. >> >> And many Unix systems ran happily for years without even passwords. But >> I wouldn't try it today. > > The two situations are not even close to corresponding. Among other > things, a system without a password grants access to absolutely > everything on that system or to what that system has access to. My TFTP > server grants access to exactly what I have authorized it to and nothing > else. I only used that example as a sign of how social norms, especially in the computing industry, have changed. There was a time, not all that long ago, when we logged on in the morning and left our terminals run all day long. We didn't worry about someone getting into oufr stuff while we were at lunch. But society changed. Back then I could count on people not trying to hack into my machine via TFTP. But society changed. Just like there being a time, not so long ago when people didn't even lock their doors. But society changed. > >>> Multinet also includes a TFTP client which I have used on occasion, >>> mainly to test a newly configured TFTP server. >>> >> >> I'm gald things are working for you, but I wouldn't even consider >> running a tftp server again. > > Then I guess it is a good thing you are not in charge of a large network > with a wide variety of network devices. Well, knowing that any place other than this would likely have a real budget, I would hope they would be able to understand the money spent on better network devices was money well spent. But then, if security isn't one of my bosses concerns, I do would do what he wants after suitably warning him of the dangers. > >> I was very happy when Cisco made it >> unnecessary providing a secure way of moving data. Now, if they >> would just move to fully encrypted protocols for averything. > > There are still some situations where one cannot use secure protocols > with Cisco, not the least of which is that you must pay for a license > for an encrypting image in order to support them. That's not a shortcoming, that's business. I guess it's up to your boss to decide what's important and what's not. If security is not worth spending money on, well....... > There are other > vendors who do not support secure transfer as well. It is really nice > if you can say "if you can transfer only with TFTP then I won't do any > transfers with you". I do not have that luxury. I didn't say that. I said TFTP is insecure. Nothing you can do will wrap anything more than pseudo-security around it. If my employer said, "I don't care, you can't have the money, security be damned." Well, he may not always be right, but he is always the boss. But I do have to admit that I wouldn't have thought there was anyplace with so much less of a discretionary budget than mine that they would not consider security to be a top priority. After all, I'm just a school. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Mon, 23 Apr 2007 16:07:54 -0400 From: JF Mezei Subject: Re: Still no TFTP client? Message-ID: Ian Miller wrote: > I'm curious what you would use a TFTP client on VMS for ? Some telecom equipment have both TFTP client/servers. So with a TFTP client on VMS, you can (for instance) automate fetching of configurations or whatever other files from that equipment on a daily basis. ------------------------------ Date: 23 Apr 2007 15:25:04 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Still no TFTP client? Message-ID: <+FR6shye5mGN@eisner.encompasserve.org> In article <593oaqF2jgv67U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > > No Unix admin in his right mind would actually run the tftp server. > There are just too many secure ways of accomplishing anything it can. > I even (successfully) argued against one of the professors here using > TFTP in his Cisco based Networking Course even though many of the > examples of Cisco on the Web show TFTP for moving configs, DHCP Leases > and other things. I demonstrated how the same can be handled just as > easily with real FTP eliminating the need for running a server that would > let anyone change configs or use your machine just like a peer-to-peer > (Kazaa style) machine for distributing things like warez. FTP? You let him send username and password in plain text? Or did you get sufficient security form a read-only anonymous account? ------------------------------ Date: 23 Apr 2007 15:27:19 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Still no TFTP client? Message-ID: In article , Dan Foster writes: > > How do you handle it with older network equipment which ONLY supports > TFTP? In some places, folks don't have wheelbarrows of cash to junk > otherwise functional (and locked down) devices. If the device requires a TFTP server, and the services can be set read-only, I might live with it. Anything else I'd put together a throw-away server of some kind, backup what I'd setup, and restore backups to it quite frequently (not make new backups from it). ------------------------------ Date: 23 Apr 2007 15:28:59 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Still no TFTP client? Message-ID: <8EZoiQHiLIF7@eisner.encompasserve.org> In article , Dan Foster writes: > > How do you handle it with older network equipment which ONLY supports > TFTP? In some places, folks don't have wheelbarrows of cash to junk > otherwise functional (and locked down) devices. OBTW, I've seen some stuff which requires a TFTP service, but I haven't seen anything that requires a TFTP client. I think we were talinkg about a TFTP client for VMS. No thanks. ------------------------------ Date: Mon, 23 Apr 2007 14:33:36 -0600 From: Mark Berryman Subject: Re: Still no TFTP client? Message-ID: <462cb5b2$1@mvb.saic.com> Bill Gunshannon wrote: > In article , > Kilgallen@SpamCop.net (Larry Kilgallen) writes: >> In article <593u0sF2j5361U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>> In article <462c585f@mvb.saic.com>, >>> Mark Berryman writes: >>>> 2. It can only read those files with World Read access. >>> Probably because with no authentication there is no user or group. Duh... >> I believe the point is that the program in question made the proper >> design choice, and went to the extra work to _not_ give access to >> files owned by the UIC under which the program is running. > > But it does give access to files owned by the UIC under which the program > is running. It gives access to any file with "World Read access". ANd > that is the required level of access for you, me, or joe down the hall. > In other words, it's all or nothing. Not a particularly good security > model. Andone based on a time when the social norms were very different > and I could trust you an djoe down the hall to leave stuff that isn't yours > alone. Please re-familiarize yourself with the VMS security model. The TFTP process will read files with world read access ***in the directory that the TFTP server has access to***. Neither you nor Joe down the hall has access to that directory so the protection on the files within that directory is meaningless to you. You can't get to them (except via the TFTP server). It is most definitely NOT all or nothing. >>>> 3. It will only write to a file that already exists and has World Write >>>> access. >>> Which means either you can't write the files either or anyone can. One >>> way is non-functional and the other a security hole. >> People signing up for TFTP have agreed to the lack of authentication. > > Of course they have. And when it was first introduced that was a workable > paradigm. today however....... > >> What they likely do _not_ want is the ability for a stranger to fill >> their disk. > > But they can. :-) No, they can't. Tell you what, I've got a TFTP server running here at home that I've just opened up to the internet. Go ahead and try to fill up my disk. Go ahead and try to read or write even one file. I guarantee that you will fail. >> So long as TFTP provides no "directory" capability, the "anyone" who >> wants to write a file must know the name. > > Security by obscurity. Another really bad security model. Let me give you > a hint. Cisco used to use TFTP for loading configs and IOS's. How hard do > you think it was to get the names of the files? About as secure as that file containing passwords. The only way to get to files if you don't know their names is by guessing, the same way people try to break passwords, and filenames tend to be harder to guess. If you try it, I will get a security message via OPCOM alerting me to the fact that you are doing so (assuming you were able to get to my TFTP server in the first place). As for Cisco, it wasn't that hard to guess their DEFAULT filenames, but then, who used the defaults? [skipping some stuff that I've already replied to] > True, but as I was saying, it is the protocol itself that is flawed > (by todays standards) and under our current social culture it just > seems like way too much of a risk to even consider taking. And, > with all the bragging that VMS people do about the security of their > OS I am amazed that anyone running VMS would even consider allowing it > on their network, much less on their VMS machine itself. Actually, a VMS system is the ONLY system I would consider running a TFTP server on. I can address the security issues there. I have yet to find another system that can do as well. Mark Berryman ------------------------------ Date: 23 Apr 2007 20:56:35 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Still no TFTP client? Message-ID: <594ks3F2jj0e7U1@mid.individual.net> I give up, You win TFTP is secure. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 23 Apr 2007 20:58:52 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Still no TFTP client? Message-ID: <594l0cF2jj0e7U2@mid.individual.net> In article <8EZoiQHiLIF7@eisner.encompasserve.org>, koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > In article , Dan Foster writes: >> >> How do you handle it with older network equipment which ONLY supports >> TFTP? In some places, folks don't have wheelbarrows of cash to junk >> otherwise functional (and locked down) devices. > > OBTW, I've seen some stuff which requires a TFTP service, but I > haven't seen anything that requires a TFTP client. I think we > were talinkg about a TFTP client for VMS. No thanks. True, but a TFTP Client implies a Server somewhere for it to talk to. And VMS, Unix, Windows, RSX-11, it makes no difference. The model is insecure and I for one would always look for a different solution. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 23 Apr 2007 21:01:40 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Still no TFTP client? Message-ID: <594l5kF2jj0e7U3@mid.individual.net> In article <+FR6shye5mGN@eisner.encompasserve.org>, koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > In article <593oaqF2jgv67U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >> >> No Unix admin in his right mind would actually run the tftp server. >> There are just too many secure ways of accomplishing anything it can. >> I even (successfully) argued against one of the professors here using >> TFTP in his Cisco based Networking Course even though many of the >> examples of Cisco on the Web show TFTP for moving configs, DHCP Leases >> and other things. I demonstrated how the same can be handled just as >> easily with real FTP eliminating the need for running a server that would >> let anyone change configs or use your machine just like a peer-to-peer >> (Kazaa style) machine for distributing things like warez. > > FTP? You let him send username and password in plain text? Or did > you get sufficient security form a read-only anonymous account? What? Are you still running a network that supports sniffing? :-) Telnet is still the most common may for people to make terminal connections on the INTERNET and it happily passes userid's and passwords in plaintext. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Mon, 23 Apr 2007 15:33:01 -0600 From: Mark Berryman Subject: Re: Still no TFTP client? Message-ID: <462cc39f@mvb.saic.com> Bill Gunshannon wrote: > In article <462c852a@mvb.saic.com>, > Mark Berryman writes: >> Bill Gunshannon wrote: >> [some text deleted] >>>>> Other than through security by obscurity (ie. if I don't tell you >>>>> I am running a tftp server you probably won't find it) how would >>>>> you secure tftp? There's a reason why they call it "trivial". :-) >>>> Using the Multinet TFTP server: >>>> >>>> 1. It only serves out the directory tree you specifically define for it >>>> (a major issue with most Unix implementations). >>> How so? I have never seen any tftp server on any Unix system that served >>> up anything but the directory tree you set. >> Then you are somewhat limited in your experience. I have definitely >> seen this many times and I expect you could find examples with a simple >> web search. Granted, sometimes the issue was caused by a simple typo in >> the configuration file (a typo that simple shouldn't open up your whole >> system but that is a different issue). > > "A typo in a configuration file" is not a Unix problem. Or are you > saying that if someone makes a typo in a VMS configuration file it > could not cause a similar problem? Actually, in this case, I am. There is absolutely no way to grant access to the entire file system in VMS to the TFTP server without explicitly and deliberately doing so. Making a simple typo in the template configuration file wouldn't come close to doing it. >> However, there are other times >> that this is caused by this being the default configuration. > > The oldest version of tftpd that I have handy at the moment is Ultrix-11. > There is no default directory. So somehow I think this was not really > the problem. Sounds a lot more like another case of "incompetent sysadmin > syndrome" which would affect any OS. You are making guesses. I am speaking from experience. You are, of course, free to simply disbelieve me. >>>> 2. It can only read those files with World Read access. >>> Probably because with no authentication there is no user or group. Duh... >> Hardly. NOTHING runs on VMS without an associated UIC. The server >> simply enforces this documented restriction. Without world read access, >> the TFTP server will not touch the file. > > Well, of course it does. As does the Unix equivalent. But in neither case > does that UIC/uid identify the person on the other end of the client. Thus > the reason for WORLD access. At least they try to add some security to it, > even if not much. > >>>> 3. It will only write to a file that already exists and has World Write >>>> access. >>> Which means either you can't write the files either or anyone can. One >>> way is non-functional and the other a security hole. >> Again, hardly. You are assuming that the file must always be there and >> always be world writable. Such is not the case. In one application I >> have it works as follows: >> >> 1. Application creates necessary file. >> 2. Application sends SNMP command to network device telling it to write >> its config to this file name. >> 3. Application waits for the TFTP operation to complete (via SNMP query) >> then copies configuration to config directory. > > But that's not TFTP. That's some application that just happens to use > TFTP to move files. Obviously trying to get create security where even > they admit it doesn't exist. Of course, you could use real FTP and not > have to Rube Goldberg a system. Seems like a strange use for SNMP as > well. Would have made much more sense to just write your own client/ > server application to do the job right. You are obviously unfamiliar with network management where almost everything is done via SNMP. You also seem to think that TFTP is mainly used for static files. Quite obviously I am using TFTP and, equally obviously, doing so is not the absolute security failure you claim that it is. Also, simply because you do not understand something does not make that something a Rube Goldberg implementation. As for using FTP, can you name any commonly used router or switch to which you can initiate an FTP session? I can't. If fact, no router or switch fit for the enterprise environment will allow you to initiate *any* sort of session other than an interactive mangement console (which is sometimes HTTP based). The transfer of firmware, configuration, etc. from the router must be initiated by the router. How do you tell the router to do that? You can log in interactively or you can send an SNMP command. Guess which is more secure and less error-prone? >> Think of having to know the name of the file being used here as being >> the same as having to know the password to write to this account. > > Not a security model I would subscribe to, thank you. > >> >>>> 4. Limit the server to respond only to a defined set of hosts or subnets >>>> (functionality built into the Multinet equivalent of inetd). >>> Well, that's one plus, but what about spoofing? > >> Can't be done. All of our routers are properly configured to prevent >> spoofing and our network devices use addresses that are not legitimate >> for a host (and, thus, are blocked by the anti-spoofing settings). > > So, again, you are using something else to make up for the security > shortcomings of TFTP. A much better idea is don't use TFTP. :-) > But then, if you have a machine on your network that can comunicate > with the TFTP server another machine on your network can spoof that > address. Oh, I see, you trust everybody on "the secure side" of the > firewall. :-) Again you show you do not comprehend the description. Unfortunately, I am not sure I can explain any clearer. To illustrate, your statement "if you have a machine on your network that can comunicate with the TFTP server another machine on your network can spoof that address" is just plain flat out wrong. Let me try a specific example: I have a network device that communicates with the TFTP server using the address 192.168.101.5 (it is the address of its loopback interface). There is no LAN anywhere on the network using the 192.168.101.x/24 address space. Any host trying to emit an IP packet with a source address of 192.168.101.anything would find that the packet never left the LAN. It would be dropped by the first layer 3 device it encountered. It would also be dropped by every other layer 3 device it passed through on its way to the TFTP server. This is not a "secure side of the firewall". This is a network of routers properly configured for anti-spoofing. In some situations, due to the nature of the environment, the relationship between MAC address and IP address is statically entered into the local router and switches and ARP packets cannot overwrite these entries. Hosts on such LANs can't even spoof an address within the LAN, much less one across the network. This is just a long-winded way of saying that, yes, there are environments where the limitations of TFTP are not an issue. > All the additional security measures you can add will never equal up > to just not using known, published, unsecure methods. You mentioned FTP. It is no more secure than TFTP is (i.e. the work involved in hacking an FTP server is no more difficult than that involved in hacking a TFTP server). Encrypted protocols are more secure. Sadly, not everything supports them yet and we still have to manage the network. >>>> 5. Log all connections, both successful and rejected. >>> Trying to lock the barndoor after the horse has run away. >> Hmm, are you trying to claim that security audits are useless? The log >> files prove the fact that only legitimate TFTP requests are being >> honored and we know when bogus TFTP transactions are being attempted and >> we know where they are coming from and we know that they have been >> successfully deterred. > > No, not worthless, but as I said in another post, reactive. It's much > better to not give them a door to come in than to read the sign in sheet > after tha fact and know that someone did get in. Do you have systems that you allow people to log onto? Better close that door. Really. I can protect the files available to the TFTP server at least as well as the files you have on systems that people can log onto and they are probably less sensitive than the files you'd be worried about as well. >>>> We have hundreds of network infrastructure devices on our network that >>>> share only TFTP as the common download/upload protocol >>> See above. If you can upload, so can anybody. How do you guarantee >>> the integritry of the files? Do you use this for your configs? Might >>> as well put them up on the local bulletinboard at the mall. >> See above. I can upload, but "anybody" can't. I gave one example of >> why this is so. There are others. > > Well, yes, but as I said, your example isn't TFTP. Well, it is (no it isn't, yes it is, no it isn't, yes it is, ...) > It is an application > that tries to wrap security around a broken protocol. If someone had to > write the application in the first place they should have done it right > and not used TFTP (or SNMP) at all. CLient/Server IP apps are not all > that hard to write. Our students do it all the time. So do I. Too bad neither routers nor switches support them. SNMP *is* the right protocol to communicate with network devices and TFTP is still the only common transfer protocol. >>>> (although newer >>>> devices do add support other protocols we cannot swap the older one out >>>> just for that reason). We have supported out network devices with TFTP >>>> servers configured as above for many years without issue. >>> And many Unix systems ran happily for years without even passwords. But >>> I wouldn't try it today. >> The two situations are not even close to corresponding. Among other >> things, a system without a password grants access to absolutely >> everything on that system or to what that system has access to. My TFTP >> server grants access to exactly what I have authorized it to and nothing >> else. > > I only used that example as a sign of how social norms, especially in > the computing industry, have changed. There was a time, not all that > long ago, when we logged on in the morning and left our terminals run > all day long. There was never a time when I did that and I've been doing this since 1975. > We didn't worry about someone getting into oufr stuff > while we were at lunch. Please be careful about that "we" stuff. Protecting my account is something I was taught from day one. > But society changed. Back then I could count > on people not trying to hack into my machine via TFTP. But society changed. > Just like there being a time, not so long ago when people didn't even lock > their doors. But society changed. Just to be pedantic it wasn't society that changed. It was commercializing the Internet that made the difference. Attempts to hack into computes have been around as long as computers have been able to talk to each other but the scope changed when the Internet went commercial. >>>> Multinet also includes a TFTP client which I have used on occasion, >>>> mainly to test a newly configured TFTP server. >>>> >>> I'm gald things are working for you, but I wouldn't even consider >>> running a tftp server again. >> Then I guess it is a good thing you are not in charge of a large network >> with a wide variety of network devices. > > Well, knowing that any place other than this would likely have a real > budget, I would hope they would be able to understand the money spent > on better network devices was money well spent. But then, if security > isn't one of my bosses concerns, I do would do what he wants after > suitably warning him of the dangers. *snort* I'm sorry, that one is a little hard to swallow. Companies the size of the one I work for typically have IT budgets that run into multiple millions of dollars, the line items of which must be identified a year or more in advance. Wholesale replacement of network gear simply does not happen in the real world, especially on this scale. Face it, secure copy protocols are relatively new to the network world. It will take some time for them to become ubiquitous. Until they do, the existing protocols must continue to be used. In the case of TFTP, that means running it on a VMS server. Mark Berryman ------------------------------ Date: Tue, 24 Apr 2007 10:16:25 +0800 From: "Richard Maher" Subject: VMS 8.2 VMSINSTAL Bug with RUN_IMAGE Persists? Message-ID: Hi, There was/is a bug with VMSINSTAL's Run_Image callback on 8.2 machines that exhibited the following symptoms at product installation time: - * Do you want to purge files replaced by this installation [YES]? %ANALYZE-E-OPENIN, error opening MISSING:[MISSING]VMI$NEW.EXE; as input -SYSTEM-W-NOSUCHDEV, no such device available %VMSINSTAL-E-INSFAIL, The installation of TIER3A V3.1 has failed. The problem is that I've just had someone upgrading to 8.2 (Why not 8.3? I dunno :-) and the bug appears to still be there :-( VMS 8.2 is still supported, is it not? Has anyone got a patch reference: Below is from one of COVs kind souls many moons ago stating that this bug is *supposed* to have been fixed. Any ideas? Cheers Richard Maher > 2. VMSINSTAL > > This failed miserably on VMS V8.2 on running T3$CHKACC, because there > is a known bug in VMSINSTAL on V8.2 with the RUN_IMAGE vmi$callback. > > It craps out with: > > %ANALYZE-E-OPENIN, error opening MISSING:[MISSING]VMI$NEW.EXE; as input > -SYSTEM-W-NOSUCHDEV, no such device available > %VMSINSTAL-E-INSFAIL, The installation of TIER3A V3.1 has failed. > > > This issue is allegedly fixed in VMS82A_KITTING-V0100, dated > 10-JAN-2006, but that contains a copy of VMSINSTAL.COM from > 10-AUG-2005, so doesn't solve the problem. > > Needless to say, I'm going to report that problem. I got Tier3 > installed by knobbling its KITINSTAL.COM thus: > > $! VMI$CALLBACK RUN_IMAGE "VMI$KWD:T3$CHKACC.EXE" > $ tier3$missing = "true" ------------------------------ Date: 23 Apr 2007 11:50:01 -0700 From: Hein RMS van den Heuvel Subject: Re: VMS Alpha to Itanium port Message-ID: <1177354201.758456.73330@y5g2000hsa.googlegroups.com> On Apr 23, 10:18 am, "Syltrem" wrote: > "Chris Townley" wrote in message > I ported mostly subroutines (many linked to one big shareable image) , and > some executables. I did not have problems. Excellent. We expected no less from OpenVMS no? > Only thing is, I have a Basic USEROPEN routine that coule return the file > creation date and protection info, but this one no longer compiles. > This is true on Alpha and IA64. Right, I don't care for the generic XAB + dedicated XABKEY part one now needs, requiring a union/map per xab. I'd be tempted to pick up the old definitions from your old (vax) basic adn see if they still work. Here is a link to an ITRC reply with pointer to code samples and my own little sample code I wrote recently which may help some: http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1100553 > For instance $IMPDEF was missing. I'll be curious to learn what that was used for! Walking RMS Internal-FAB structures? Cheers, Hein. ------------------------------ Date: Mon, 23 Apr 2007 21:37:18 GMT From: "John Vottero" Subject: Re: VMS Alpha to Itanium port Message-ID: "Hein RMS van den Heuvel" wrote in message news:1177354201.758456.73330@y5g2000hsa.googlegroups.com... > On Apr 23, 10:18 am, "Syltrem" wrote: >> "Chris Townley" wrote in message > >> I ported mostly subroutines (many linked to one big shareable image) , >> and >> some executables. I did not have problems. > > Excellent. We expected no less from OpenVMS no? > >> Only thing is, I have a Basic USEROPEN routine that coule return the file >> creation date and protection info, but this one no longer compiles. >> This is true on Alpha and IA64. > > Right, I don't care for the generic XAB + dedicated XABKEY part one > now needs, requiring a union/map per xab. I'd be tempted to pick up > the old definitions from your old (vax) basic adn see if they still > work. > > Here is a link to an ITRC reply with pointer to code samples and my > own little sample code I wrote recently which may help some: > > http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1100553 > >> For instance $IMPDEF was missing. > > I'll be curious to learn what that was used for! > Walking RMS Internal-FAB structures? > There are (or were) two different versions of IMPDEF. One applied to the sys$persona routines and has been replaced on Alpha and Itanium. That's the one that appears to be missing. I think it's been replaced by ISSDEF. ------------------------------ Date: 23 Apr 2007 17:44:40 -0700 From: David B Sneddon Subject: Re: VMS Alpha to Itanium port Message-ID: <1177375480.732242.214710@n76g2000hsh.googlegroups.com> On Apr 23, 2:18 pm, "Syltrem" wrote: [...snip...] > > If you have a useropen routine that works, I would gladly have it :-) > I still have to get the one I have to work (a bit complicated and not enough > time...). > > Good luck with your porting. > > Syltrem > No zulu in my email Not exactly a USEROPEN but it does work... grab the DBS-SYSRTL package from http://www.users.bigpond.com/dbsneddon/software.htm and check the FILE_ATTRIBUTES routine (written in Macro) Dave ------------------------------ Date: Mon, 23 Apr 2007 21:04:59 -0700 From: "Jeffrey H. Coffield" Subject: Re: VMS Alpha to Itanium port Message-ID: <6qfXh.4399$ns5.1069@newssvr17.news.prodigy.net> Syltrem wrote: > "Chris Townley" wrote in message > news:1176404160.877981.239430@o5g2000hsb.googlegroups.com... >> Just suddenly had the concept of porting a legacy in house application >> from Alpha to Integrity given to me. >> >> Currently running VMS 6.2 on Alpha - application consists of some 3500 >> modules Basic, with a smattering of C and macro code. This is an >> application I know well, and have been maintaining/developing for some >> years. However the oprogrammingh tyeam that took it in-house some 12 >> years ago is now just me. >> >> I wont even look at the macro - if it doesnt run out of the box, I >> rewrite as required, and there is nothing fancy in the C >> >> However the main area will be the basic. Has anyone any ideas what >> issues are likely? >> >> TIA >> -- >> Chris >> > > > Hi > > I ported mostly subroutines (many linked to one big shareable image) , and > some executables. > > I did not have problems. > > Only thing is, I have a Basic USEROPEN routine that coule return the file > creation date and protection info, but this one no longer compiles. > This is true on Alpha and IA64. > > You may be missing some of the stuff in BASIC$STARLET.TLB if you use that. > For instance $IMPDEF was missing. > > For my USEROPEN, that's where the problem lies... they changed the > definitions to XABDET, XABDATDEF, etc somewhere between now and 10 years ago > when I last compiled the program (when migrating from VAX to Alpha). > > If you have a useropen routine that works, I would gladly have it :-) > I still have to get the one I have to work (a bit complicated and not enough > time...). > > Good luck with your porting. > > Syltrem > No zulu in my email > > I have managed to decode the new XAB break up and have a useropen that returns the actual file name (with the version #). If you send your useropen to me I could take a look for you. Jeff Coffield ------------------------------ Date: Mon, 23 Apr 2007 21:42:03 +0200 From: Dirk Munk Subject: Re: [OT] If you live in California, get out now! (Part 2) Message-ID: Doc wrote: > "P. Sture" wrote in > news:paul.sture.nospam-3E720A.11430523042007@mac.sture.ch: > >> In article <1177289397.165542.126780@b75g2000hsg.googlegroups.com>, >> genius@marblecliff.com wrote: >> >>> On Apr 22, 2:10 pm, "P. Sture" wrote: >>>> In article <1177246624.245272.235...@l77g2000hsb.googlegroups.com>, >>>> >>>> >>>> >>>> >>>> >>>> gen...@marblecliff.com wrote: >>>>> On Apr 21, 8:42 pm, JF Mezei >>>>> wrote: >>>>>> gen...@marblecliff.com wrote: >>>>>>> different group of people (jews) different time period ... >>>>>> Dear Mr Genius, >>>>>> You cannot selectively use portions of the old testament that >>>>>> fit your agenda, and then claim the old testament doesn't apply >>>>>> to christians. >>>>> Dear Mr. Ignorant, >>>>> I did not say it was not relevant ... the 10 commandments >>>>> still are, but many of the old testament laws and customs >>>>> were specific to the jewish people, not the gentiles ... >>>>> the recommendations and principles that God stated are, >>>>> but Christ has freed us from the old law because He >>>>> frees us from sin ... >>>> So the 5 separate verses from Proverbs you quoted earlier about >>>> beating your offspring with a rod don't apply to: >>>> >>>> a) gentiles >>>> b) anyone who believes that Christ free them from sin >>>> >>>> It looks as though California are doing the right right on that >>>> one. >>>> >>>> -- >>>> Paul Sture- Hide quoted text - >>>> >>>> - Show quoted text - >>> basic principles apply to EVERYONE, but there were certain >>> things at that time specific to jews ... >> But who is doing the choosing of which applies to whom? > > It takes a genius to do that, luckily we have one to hand. > > Beat your children with a rod if they irritate you. Don't dare stone an > adulterer, that's so old-fashioned nowadays. > > So... Sticks are okay - but stones aren't. > > Incidentally, you need to read some of the drivel Boob believes. Listed > here, http://en.wikipedia.org/wiki/Rapture. > > Neither wonder he thinks Europeans are evil, according to that some > fruit-loop theologian postulated in the 70s that the seven headed monster > with ten horns was the European Union. > > Admittedly, a belief that those who believe will escape a "tribulation" > prior to the second coming explains a lot. It would explain why Boob > doesn't care about the planet, he's not planning on staying on it when > things get bad. Gawd is gonna lift him up into heaven. Praise the lard! > > Nutty Fundamentalist Christians (and they are not alone in this) have > believed the return of Christ was imminent since the time of the > apostles. They all appear to want to see the Earth and all unbelievers > wiped out and look forward to it because they've spent their lives > feeling morally superior because they believe in the same ghosts as > millions of other people. > > > Doc. Compared to these nut-cases: http://www.godhatesamerica.com/ , Boop is quite harmless. The BBC aired a tv program about this family a few weeks ago. The leader of this bunch of vultures is an evil looking self-proclaimed minister. He knows two things for sure, all problems of the US are caused by homosexuality, and his clan are the only people who are going to paradise when they die. I assume the man is gay himself, but doesn't want to know it, as happens so often in similar cases. To understand what these people are capable of, please read their website. The BBC program showed how a part of the clan took a flight to another part of the US, to hold a demonstration at the funeral of a soldier who died in Iraq. The camera showed the family of the soldier entering the church. The pain and sorrow on the face of the father was heartbreaking. And then to know that on a short distance of the church these evil bastards were shouting that it was a good thing that the boy was killed because there is homosexuality in the US. The kids in this clan are nice and normal looking, but they are totally brainwashed, and join the demonstrations when they are very young. Truly disgusting. ------------------------------ Date: 23 Apr 07 20:04:06 EDT From: cook@wvnvms.wvnet.edu (George Cook) Subject: Re: [OT] If you live in California, get out now! (Part 2) Message-ID: In article , Bill Todd writes: > Doc wrote: > > ... > > some >> fruit-loop theologian postulated in the 70s that the seven headed monster >> with ten horns was the European Union. > > Wow - serendipity strikes again: that must be why their exchange rates > aren't relevant to GDP comparisons - their devilish currency isn't > acceptable in God's Country, hence has no value. > > ... > > They all appear to want to see the Earth and all unbelievers >> wiped out > > I'm afraid that I have to admit to feeling similarly about neocons > (i.e., that the only good neocon is a dead neocon), and since the 1998 > impeachment debacle I've been inclined to extend that sentiment to *all* > Republicans (I'm certainly a fan of Lincoln's, but then he is > indisputably a Republican of the dead persuasion) and more recently even > to a lot of Democrats. > > But if that puts me into the same category as the likes of boob, perhaps > I'll need to reconsider that position. For that matter, it's never been > one I've been all that comfortable with, but in times of war (and I do > believe that we're at war with such aggressive incompetents, at least > until they've been sufficiently beaten back not to constitute a > continuing menace) sensibilities sometimes need to take a back seat. I suspected as much, but had avoided calling you a "hater" without actual proof. But it is one of the reasons why I started using "boob" in reference to you. You and boob are both haters who are so blinded by your hate that you will say anything, twist any fact, ignore all evidence to the contrary in order to make the other side look bad. I may be a lot of things, but I most definitely am not a hater. I liked Clinton personally and would probably have had a good time throwing back a few cold ones with him. I would never have considered him to be a hater, but the latest crop of liberals in Congress are mostly haters just like yourself. George Cook ------------------------------ Date: Mon, 23 Apr 2007 14:56:21 -0500 From: David J Dachtera Subject: Re: [TCPIP V5.6] Comment lines in tools (like FTP) Message-ID: <462D0F65.9700CEDB@spam.comcast.net> Peter 'EPLAN' LANGSTOeGER wrote: > > In article <462bb776$1@news.langstoeger.at>, peter@langstoeger.at (Peter 'EPLAN' LANGSTOeGER) writes: > >In article <462B7963.7C86DB43@spam.comcast.net>, David J Dachtera writes: > >>What other FTP clients tolerate "comments" on the stdin stream? > > > >If you'd bet, you'd won: TCPware's FTP client of course > > Ooops. Forgot the other: MadGoat FTP client Well, so far, those are all VMS-based FTP clients. How 'bout those in UN*X-land? ...WhineBloze? ...? -- David J Dachtera dba DJE Systems http://www.djesys.com/ Unofficial OpenVMS Marketing Home Page http://www.djesys.com/vms/market/ Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/ Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/ Unofficial OpenVMS Hobbyist Support Page: http://www.djesys.com/vms/support/ ------------------------------ Date: Mon, 23 Apr 2007 14:34:51 -0500 (CDT) From: sms@antinode.org (Steven M. Schweda) Subject: Re: [TCPIP V5.6] Still no TFTP client? Message-ID: <07042314345138_202002DA@antinode.org> From: sms@antinode.org (Steven M. Schweda) > http://antinode.org/ftp/misc/tftp/ From: "Ruslan R. Laishev" > http://starlet.deltatel.ru/~laishev/work/tftp/ My memory is getting to be completely useless. The stuff in my TFTP directory was not a full kit, only a few files with changes I was suggesting to Mr. Laishev. I haven't looked at the details, but from the file dates on his server, I'd suspect that any useful changes I may have suggested have already been incorporated into his kit, so there's probably little point in looking at my stuff. Sorry if I wasted anyone's time. ------------------------------------------------------------------------ Steven M. Schweda sms@antinode-org 382 South Warwick Street (+1) 651-699-9818 Saint Paul MN 55105-2547 ------------------------------ End of INFO-VAX 2007.223 ************************