On 2020-08-08, at 15:19:05, Charles Mills wrote:
>
> Or a dozen or more other non-magic ways of getting into supervisor state.
>
How does this interact with IBM's Statement of Integrity:
https://www.vm.ibm.com/devpages/SPERA/istatmnt.html
...
IBM will accept all APARs that describe exposures to the System Integrity of MVS
...
System Integrity is defined for MVS as the inability of any program not
authorized by a mechanism under the customer's control to:
• circumvent or disable store or fetch protection
• access an OS password-protected or a RACF-protected resource (RACF is
the Resource Access Control Facility), or
• obtain control in an authorized state; that is, in supervisor state,
with a protection key less than eight (8), or Authorized Program Facility (APF)
authorized.
Of course, "under the customer's control" is a key phrase.
> -----Original Message-----
> From: Robert Netzlof
> Sent: Saturday, August 8, 2020 10:20 AM
>
> But do remember that in Ye Gude Auld Days, there was a widely known
> "magic" SVC which granted authorization to the user.
-- gil
