I'm not saying that it comes down to dynalloc. Security never comes down to a 
single exploitation. Think about Alcatraz which despite all the extreme 
security measures still had an escape. I'm saying that dynalloc is not 
controlled by security admins and there are simple scenarios to exploit it.
Jon.

    On Saturday, December 23, 2017 12:15 AM, David Stokes <[email protected]> 
wrote:
 
 >>How can RACF stop someone when they have a legitimate need
It can't of course. That's why the Target attack (like most others) essentially 
revolved around a bit of social engineering and getting access to a privileged 
account. Along with poor malware detection, lack of network segregation and 
various other factors. The systems were basically running on Microsoft 
Virtualization and other MS facilities. To suggest this all comes down to 
"Dynamic Allocation" which is unique to MVS based systems (due to its two-level 
dataset access via DDs) is a bit of a stretch. Limiting dynalloc via more 
security software would still be open to privilege elevation attacks.

   
