MPE automates (some) password security
May 7, 2014
It only took a matter of weeks to create an unpatched security threat to the world's single-most installed vendor operating system, Windows XP. At about a 30 percent penetration of all PCs, XP is still running on hundreds of millions of systems. A zero-day Internet Explorer bug got patched this month, however, reluctantly by Microsoft. Once it cut its software loose -- just like HP stopped all MPE patches at the end of 2008 -- Microsoft's XP became vulnerable in just 20 days.
MPE, on the other hand, makes a backup file of its account structure that will defy an attempt to steal its critical contents. HP 3000 users can count on the work of an anonymous developer of MPE, even more than five years after patch creation ceased.
The automated protection of MPE's passwords comes through jobstreams from a key backup program. These files, created by using the BULDACCT program, are jobstreams that can only be read by 3000 users with CR (the jobstream's CReator, who might be an operator) or SM (System Manager) privileges, according to Jon Diercks' MPE/iX System Administration Handbook. Diercks advises his readers, "Even if your backup software stores the system directory, you may want to use BULDACCT as an extra precaution, in case any problems interfere with your ability to restore the directory data normally." However, he adds, the BULDJOB files are powerful enough to warrant extra care. After all, they contain "every password for every user, group and account, and lockwords for UDC files where necessary."
Note: the jobstream files you build on your own -- not these BULDJOBs -- can be secured on your own. But you must do that explicitly. These user-created streams' protection is not automatic.
In any case, you should use BULDACCT every day, according to Vesoft's Vladimir Volokh, not just as an optional extra precaution. "Do it before -- well, before it happens," he says. What can happen is a messy manure of a failure of an LDEV, one that scrambles the system directory.
The BULDACCT option includes the jobstreams in the backup tape. After your backup is complete, you should PURGE these two streams from your 3000's disk.
Those BULDACCT jobstreams (BULDJOB1 and BULDJOB2) are automatically secured at the file level. This protects BULDACCT streams from hackers' pry-bars, a very good thing -- because this stream contains all system information including passwords.
You can then RESTORE these streams if you still have a disk error that leaves files intact, but ruins the directory structure. BULDJOB1 contains the instructions to rebuild directory structure, a job that runs before you RESTORE files. BULDJOB2 contains the SETCATALOG commands needed for to reassign all user, account and system UDCs, according to Diercks' fine book. Still available, by the way, online via O'Reilly's Safari e-book service.
Volokh says that if any of the above still seems unclear, 3000 managers can call him at Vesoft and he'll walk managers through the process. "For details, just call us. Don't chase the horse after the barn door has been opened."