Software Review: The Supervisor Series

Handy Software for Privileged VMS Users

Review by Floyd Lloyd

This article presents a review of the Supervisor Series of utilities for VMS.

The Supervisor Series is a collection of tools which give privileged VMS users the ability to intercept traffic between terminals and user processes running on the VAX.  There are a few different flavors of how it works, which will be discussed later in this article.

This software started life as a commercial product and was later released to the public domain.  It can be found on the Internet at: ftp.spc.edu/anonymous/macrosz/savesets via anonymous FTP.

Most of us who have had the privilege (and years) to remember hacking the DECSYSTEM-20, have fond memories of the TOPS-20 operating system.  It was a nice, comfy, friendly environment (my first impressions of VMS were not so complimentary).  TOPS-20 offered two commands that I really missed in VMS: SPY and ADVISE.

SPY functionality should be obvious from its name; it let you watch what was happening on another terminal.  You could see exactly what the other person was seeing, including their typing.  ADVISE went a step beyond SPY.  Not only did you get the display of the other person, but you also were allowed to type.  ADVISE gave you the equivalent of two terminals hooked to the same process on the Twenty.  The computer took input from either terminal and gave output to both, without discrimination.  ADVISE was a great tool for teaching spastic users.  It also helped out when two people were working on the same problem, but were at different locations.

I got very used to using SPY and ADVISE and missed them greatly when we migrated to VMS.  Well, now they're back (for VMS)in the form of the Supervisor Series of software.  The software seems pretty bulletproof - I demo'ed a commercial version of a package which did the same thing a few years ago.  Within five minutes after starting to use it, it crashed the VAX!  With the Supervisor Series, I've had none of these problems.  The software is well organized, works like a part of VMS, and comes with complete sources and excellent documentation.

Using the Supervisor Series is very straight forward.  The first problem to overcome is gaining access to a fully privileged account.  Once you've cleared that first (and big) hurdle, the product installs like any other quality VMS application using the VMSINSTAL.COM procedure.  I have two additional suggestions for the installation.  First, I would not install this product in its default location; hide it down in some subdirectory where no one ever goes.  Second, change the name of the .EXE from SUPERVISOR.EXE to MAIL.EXE or something innocuous; if someone FINGER you and sees a program called SUPERVISOR in use all the time, they may get suspicious - nobody worries when they see someone running MAIL all day long.  You'll also have to change the .CLD file to invoke the renamed .EXE.

The installation of The Supervisor Series will require the insertion of identifiers via the AUTHORIZE facility on the VAX.  If security auditing is enabled on the VAX, this action will set off alarms on the system console.  Once the identifiers have been added, you must grant them to yourself.  Once again, this can set off alarms on an audited system.

SUPERVISOR works in two basic modes which are analogous to SPY and ADVISE on the Twenty.  SUPERVISOR by itself works like SPY; showing you what's happening on a particular terminal.  SUPERVISOR invoked with the /ADVISE qualifier allows you to "join in" on someone's session.  SUPERVISOR also has a "quiet mode" and a "notify mode", which are controlled by the /NOTIFY qualifier.  If the /NOTIFY qualifier is specified, the target will get a message on his terminal letting him know that you're watching or advising.  The default is /NONOTIFY, which is sufficient for most applications; there's no evidence that you're watching them.

Once the product is installed, using it is simple.  The first step is to define the command to your process (the default installation location, which is not recommended for clandestine operations, is shown):

$ SET COMMAND SYS$SYSDEVICE:[SUPSER.EXE]SUPERVISOR # Next, the program is invoked: $ SUPERVISE LTA7: # To watch the user on LTA7: $ SUPERVISE/ADVISE LTA9: # To advise the useron LTA9: $ SUPERVISE/ADVISE/NOTIFY LTA9: # To advise the user on LTA9: and let them know about it

It's that simple and it really works.  The only thing that this product needs is the ability to monitor the RTAn: (remote terminal) class of device.  That inability is not a fault of the software; it is a limitation of VMS to provide this information.  RTAn: terminals are created when users use the SET HOST command to connect to your local system across a DECnet network.

The Supervisor Series consists not only of SUPERVISOR, but also includes PHOTO.  PHOTO (another long lost DECSYSTEM-20 command) allows you to record your keystrokes and screen output to a file for later review.  PHOTO used in conjunction with SUPERVISOR allows you to record the actions of someone else.

This software brings some real power to the user's hands, whether you're a system manager, hacker, or crasher.  The software and documentation are first rate and well worth the cost of an FTP.  So, I leave it up to the reader to do the hard work and gain a fully privileged account on a VAX.  Once you have that, get The Supervisor Series and enjoy yourself.