On Mon, 17 Nov 2014 08:40:18 -0700 Paul Gilmartin <[email protected]> wrote:
:>On 2014-11-17, at 08:05, Tom Marchant wrote: :>> On Fri, 14 Nov 2014 18:31:23 -0500, Farley, Peter x23353 wrote: :>>> I have often thought it was a mistaken design by IBM that prohibits :>>> non-authorized programmers from exploiting multiple address spaces :>>> and instruction-level space-switching facilities. :>> How would you propose that such non-authorized programs access only :>> the other address spaces that they were permitted to access? In other :>> words, how would you protect the integrity of all address spaces if :>> unauthorized code were able to access other address spaces? :>fork() allows programmers to exploit multiple address spaces. It :>requires no elevated privileges. I presume it protects integrity. the enablement part of fork has elevated privileges to maintain integrity. There is no reason that a simple MVS service to allow connection to another address space could not be provided - if there was a need. All you need to do is mark the target address space non-swapable, add the STOKEN and set the SSAR bits. Then the ALET could be used for access. -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies.
