On 21 Jun 2007 14:03:20 -0700, in bit.listserv.ibm-main (Message-ID:<[EMAIL PROTECTED]>) [EMAIL PROTECTED] (R.S.) wrote:

From time to time I read on the list about companies which demand that ISVs provide source code for SVC routines to analyze it from a security point of view. While I don't know too much about z/OS 'guts', I'm wondering what is the reason for that? Or rather, why the SVC code is so important, while APF-authorized libraries are not subject to analysis. The same applies to programs in SCHEDxx members. AFAIK (I could be wrong) an APF-authorized program can bypass security rules, so it can be dangerous. Is SVC more dangerous?

What follows is a mixture of facts, opinion, and experience. I am not pointing a finger at any particular companies or software packages.

SVCs are useful, in part, in that they can perform authorized functions when called from non-authorized programs. Therefore, they need to be extra-careful that they do not perform functions when they oughtn't. An authorized program to, for instance, issue an MVS command is relatively safe because it can be called only from another authorized program. An SVC to do the same needs to do extensive checking to be sure the caller is authorized to issue the command.

Many companies, and some software packages, even have "get yourself authorized" SVCs. If you know the secret software handshake, you can make your non-authorized program authorized. Some of these SVCs do better jobs than others of assuring that they came from programs which are to be trusted. Regardless, they're frowned on by auditors.


--
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com
