Are you talking about 5740-XT2 (V1) or 5740-XT8 (V2)? Was it part of a standard install or optional? Did the documentation warn that installing the SVC would breach integrity?
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Assembler List <[email protected]> on behalf of Leland Bond <[email protected]> Sent: Sunday, August 9, 2020 2:52 AM To: [email protected] Subject: Re: Case Study: IBM SYSTEM/360-370 ARCHITECTURE (1987) The source for the ISPF/PDF SVC allowing it to run IEBCOPY was published by IBM and used in many (most?) shops. It was trivial to circumvent the checks that supposedly ensured it was being used for its intended purpose. The best that could be said about the checks was that they made it difficult to accidentally invoke the SVC. Even if that SVC wasn’t installed, it was easy to write a scanner to find similar backdoor SVCs and PCs installed by extremely popular ISV software or written by supposedly-knowledgeable systems programmers. Such backdoors with minimal to no validation were installed on all systems I saw well into the 1990’s, which was when I stopped looking. One of the best uses of such a backdoor was to turn on the bit in the ACEE that gave your TSO session RACF special or operations authority until the session was logged off or the bit was turned off using the same technique. It came in handy at one place I worked where I often had to submit a form and wait up to a week to do something required by my job - all because management felt “Process" was far more important than results. Those of you who know my dislike of the “P” word will know the company. This should also a lesson for those who write security products: Don’t base all protection on a single bit in user-addressable memory. David Bond > On 9 Aug 2020, at 07:26, Seymour J Metz <[email protected]> wrote: > > No. I remember shops that had one or more such SVCs, but they weren't part of > the MVS code base. > > > -- > Shmuel (Seymour J.) Metz > http://mason.gmu.edu/~smetz3 > > > ________________________________________ > From: IBM Mainframe Assembler List <[email protected]> on > behalf of Robert Netzlof <[email protected]> > Sent: Saturday, August 8, 2020 1:20 PM > To: [email protected] > Subject: Re: Case Study: IBM SYSTEM/360-370 ARCHITECTURE (1987) > > But do remember that in Ye Gude Auld Days, there was a widely known > "magic" SVC which granted authorization to the user. > > On 8/8/20, Doug Wegscheid <[email protected]> wrote: >> Site-specific SVC to do so? >> >> On Saturday, August 8, 2020, 12:11:14 PM EDT, <[email protected]> >> wrote: >> >> Interesting are the two paragraphs on page 302, bottom RHS. >> >> Case says that nobody used the ASCII capability of the S/360. >> >> Padegs says that "none of our operating systems were [sic] programmed >> to turn in the [ASCII] bit". >> >> So, no-one was able to use the ASCII facility. >> >> On 2020-08-08 12:19, Jim Mulder wrote: >>> https://secure-web.cisco.com/1aUqvwFSpDRbVn1aNs20guYdvXOPJuuZo5gtacL9Gf9EkZxszA21zIT61i9R8WB_j6gx90NmLvIxo3RSZADv4WZ3_gAGC2hsKqPLrZVSMAnqd1ULXDJ_N1Q0jTv6Py9O8j81_ZaN9_2QMJidYBlRdBbVmWK5O8Ok5dZvJE5VcdhWpmPgsG4lqNkpIOeeau3Hj_Mz29Pj3HE1LN_9KhlrMZlmK2tJGa8Bdh6ca81ZFRgj0foFG9Z5oBRb45u3ITmHFU4F9AbzKRB5tZWb294HsZdywlGOGfo70KzhWg_JKhm7kFz1_2z8NdtTe_kHlsEBKgmbTqz059j1ekDC0Mf-UZ-o2FEaXuQN7gmYaMBSZymqfxf0dAjCFAJVJlxDllnLswiB3PZCp11aX82cgk2xB5NYqTQwKnwiw_pzVyi9po6OCPHbc5BlgAaKecpPV0izK/https%3A%2F%2Fwww.cs.tufts.edu%2Fcomp%2F150FP%2Farchive%2Falfred-spector%2Fspector87ibm.pdf >>> >>> >>> Jim Mulder z/OS Diagnosis, Design, Development, Test IBM Corp. >>> Poughkeepsie NY >> >> > > > -- > Bob Netzlof a/k/a Sweet Old Bob >
