On Tue, 8 Jun 2010 20:14:29 -0400 Pinnacle <[email protected]> wrote:
:>same thing. Authorized code can hack MVS, unauthorized code can't. The security exposures exist when the authorized code "trusts" an address passed by unauthorized code. Authorized code cannot trust anything provided by unauthorized code. That means going into the callers key when fetching or modifying storage based on an address provided and should the caller pass the address of a protected control block, such as a TCB address, verifying that the address is in fact of a TCB and it is where such service is allowed. Should an exit be allowed, such as a DCB OPEN exit, SYNCH back to problem state and key must be used. And, obviously, no workareas of the authorized routine are allowed to be in a key that allows the unauthorized routine ability to update (and, perhaps, even fetch). -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
