PFILE

Submitted by:	Ken A L Coar
		General Dynamics
		12101 Woodcrest Executive Drive
		Creve Coeur, MO   63141
		(314) 851.4003



This program allows a user possessing CMKRNL to alter an additional level
of protection on a file.

Documentation concerning the implementation of this alteration is intentionally
sparse, due to its rather sensitive nature. Since the program uses semi-
documented features of VMS, no guarantee of its continued proper function is
either implied or explicitly stated, and neither the author nor General
Dynamics Corporation may be held in any way responsible for the program's
reliability, or for any effects which result from its use.

Each of the four ways of accessing a file (Read, Write, Execute, and Delete)
may be limited to succeeding IFF the requestor is running in a particular
access mode or higher. Since RMS runs in executive mode, this essentially
means that the file may be generally accessible or inaccessible for that
type of access, depending upon whether the processor mode of the requestor
is kernel or not.

	$ PFILE /DELETE=KERNEL SYS$SYSTEM:SYSUAF.DAT

would result in the UAF's being undeletable except by a program specifically
written to delete it using $QIO calls in kernel mode.

Good luck. I strongly recommend that the source be taken offline immediately
because of the security implications of this program.

#k