On Wed, Jul 21, 2021, 12:27 PM Reco <recovery...@enotuniq.net> wrote:
> On Wed, Jul 21, 2021 at 09:36:37AM -0700, James H. H. Lampert wrote: > > "Immutable backups." Interesting concept. But how? > > ....... > OS/400 was before my time, but I have a limited experience with z/VM > which ran at z9 mainframe about 10 years ago. I wrote security software for z/VM's ancestors VM/XA and VM/SP. I read years ago of trojan proof-of-concept code for the MVS series OSs from IBM. It could be done but of course was an insider attack. One day certain IBM > engineer somehow managed to execute a certain job from one LPAR in > another, completely breaking the isolation between LPARs. The mainframe > just shutdown presumably to prevent other abuse to happen, and in modern > terms this could be classified as locally executed DOS attack. > A B-level mandatory-access control OS is specified to prevent that. It can be done by 3rd party software if, of course, you are able to front-end the system calls (SVCs in their terminology). We did have source licenses for our implementation on HP/UX and Solaris but it was not strictly necessary. ...... > As long as OS promotes and considers perfectly normal to run arbitrary > software obtained from $DEITY knows where - such OS cannot provide any > kind of meaningful security, user data being considered. > It's counter-intuitive I know, but your statement is provably false with the right security model. Google the Bell-LaPadula model. Equally valid in what we consider a normal computing environment and even in multi-user unix/Linux environments. > Reco > >