=     PERSONA, UTILITIES, Become another user using identifiers     M /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *    *  *  *<  *                %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%\=  *                %% \___________________________________%% \ >  *                %% |                                   %%  \?  *                %% |              PERSONA              %%   \ @  *                %% |         aaareadme.txt c2003       %%    \@  *                %% |            Lyle W. West           %%    |@  *                %% |                                   %%    |@  *                %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%    |@  *                \                                        \   |@  *                 \                                        \  |@  *                  \                                        \ |@  *                   \________________________________________\|  *  *  *?  *  Copyright (C) 1999, 2003 Lyle W. West, All Rights Reserved. J  *  Permission is granted to copy and use this program so long as [1] thisH  *  copyright notice is preserved, and [2] no financial gain is involvedH  *  in copying the program.  This program may not be sold as "shareware"G  *  or "public domain" software without the express, written permission   *  of the author.  *M  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */   G PERSONA is a C rewrite and enhancement of the GLOGIN utility written by ; Anthony C. McCracken, Northern Arizona University, in 1992.   B PERSONA uses the PTD$ routines supplied by VMS and may not work onC older versions of VMS. Early in the image, if device FTA0: does not 8 exist, PERSONA will exit with appropriate error message.  F This submission is sort of a version II, with some module rewrites and added functionality, such as:   @     - capability to log all PERSONA activation/deactivation info  F     - operate in detached or subprocess mode and the ability to define4       a process logical to predetermime startup mode  ?     - improved originator and target process naming conventions   B     - use of PQL values, so personified users authorize quotas are;       utilized when they exceed the sysgen PQL_Mxxx values.   H     - accounting style dump if detached (personified) process exits with"       other than SS$_NORMAL status   ------------------------------  G PERSONA permits users to connect to a named user account without having C to know the password for that account.  A process running under the A target username is created.  Its input and output are read from a 0 pseudo-terminal, which is controlled by PERSONA.  @ Unlike BECOME and SWAP, the process created by PERSONA is a fullA process, with all the privileges, rights identifiers, quotas, DCL D symbols, logical names, etc. as well as whatever else that is set up in the target user's LOGIN.COM.   A PERSONA requires the target username as a parameter.  Logging out B of the PERSONA account returns the terminal device and user to the) process which originally invoked PERSONA.   C You must set up a DCL foreign command to run PERSONA (since I use a . modified version of Joe Meadows CLI routines):  , 	$ persona == "$DISK:[DIRECTORY]PERSONA.EXE"  E To log in as user SYSTEM (assuming required idenifier), simply issue:    	$ persona system   F The effect will be similar to using SET HOST 0 or TELNET to connect toD local system, except there will be no Username and Password prompts.  F Help is available by entering PERSONA /HELP, which provides user info.I Users of PERSONA must have the privs described in the above help routine, E copy PERSONA.EXE to SYS$SPECIFIC: and use INSTALL.COM to install the  I image. Security is not a real issue because of the identifer requirement,  or the SysMgr password entry.   G PERSONA was created to permit nonprivileged users the ability to assume H the PERSONA of another user, provided they have an identifier granted toD the invoking user in the form of PERS_xxxx, where xxxx is the target@ username. If the identifier is not granted to the invoking user,G a message indicating user is not authorized to assume the target user's G persona. It is designed to be an installed image with associated privs.   F The identifier can be circuvented by use of the /IGNOREID command line> qualifier, where the user is then prompted to enter the system manager's password.   @ This release permits logging of PERSONA usage in that if within F the LNM$SYSTEM table, the logical name PERSONA_LOG is defined and the I equivalence string is a valid filespec, then entry and exit stats will be  recorded in this file.  H Note that the ability to use a subprocess for the personified operationsI has been implemented, but without extensive internals work, so just think F of it as another users process as a child of your process. Scary, huh?  H Coming soon is PERSONA_DECW which rather than utilizing a PseudoTerminalI for input and output, uses DecwTermPort to create a seperate DecTerm for  L the PERSONA session, thus freeing up the invoking terminal for other things, like smg$cribbbage.   2 Look for PERSONA_DECW on an archive near you soon.  ; Portions of this document were stolen from Hunter Goatley's 3 HGLOGIN bliss implementation, also based on GLOGIN.    Lyle W West 