>I think it all depends on how you set up the LPARs. You can assign a
>fixed percentage of CPU, a fixed amount of memory, specific IO channels
>and peripherals to an LPAR. And the LPARs can then be completely
>invisible to the others. They are just like two physically separated
>machines.
You hope. This is where security holes come in. You will not achieve the
same level of security as you will with physically separate machines.
There are too many places for human error, both software and hardware.
I don't even know if it's theoretically possible. I don't believe it's
practically
possible.
No, having said that it's not a bad design, and I applaud the attempt. It's
not worthy of absolute faith, though.
<fault isolation snipped>
>The workings of the LPARs are still amazing to me. I wonder why there is
>no similar technology from UNIX vendors or for NT. A single runaway
>process on UNIX or NT can bring the whole system down.
Sun is trying with the E10000. Their security model is much, much worse.
I think they're doing OK with the hardware allocation, and fault
isolation.
>I guess many MVS admin working for years may still not be able to
>circumvent the barrier imposed by the LPAR by exploiting bugs in the OS.
>Of course, there are many other ways if you are an insider especailly if
>ou are an admin. But for an intruder from the Internet ? I can't think
>of any mechanism that is possible. Maybe, some other more experienced MVS
>admin listening on the list can shed some light on it.
Clearly there are no publically known methods. I have to assume they are there,
though.
>Lastly, I want to emphasize that, I did not say it is risk free. I just
>meant my experience told me that LPARs are just like separate physical
>machines even when I was an Admin. I wonder you would get any information
>from this list of a way to compromise an LPAR even if this exist.
Unless they are clunking relays open and closed to physically separate
busses, there has to be some way.
>However, I wonder why you need to do that. Mainframe is much cheaper
>nowadays. Why not use a small dedicated one in the DMZ ?
Physical separation will be more secure. The LPAR thing's advantage
is lower cost.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
