And they're running all that on Winders now? -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Rick Fochtman Sent: Friday, June 22, 2007 9:53 AM To: [email protected] Subject: Re: SVC vs APF and other 'privileged' code
-----------------------<snip>----------------- > From time to time I read on the list about companies which demand ISVs > to provide source code for SVC routines to analyze it from security > point of view. > While I don't know to much about z/OS 'guts', I'm wondering what is > the reason for that? Or rather, why the SVC code is so important, > while APF-authorized libraries are not subject to analyze. The same > apply to propgrams in SCHEDxx members. > AFAIK (I could be wrong) APF-authorized program can bypass security > rules, so it can be dangeours. Is SVC more dangerous ? > > > Last, but not least - neither SVC, nor 'regular' APF-authorized > program can do anything illegal when not instructed, so unless ISV > folks unlimited access to prod system it is like dangerous knife in my > safe. > Other possibility is that "backdoor" entry is disclosed by ISV to our > sysprogs. In fact it owuld be a confession to security hole. ---------------------<unsnip>---------------------- My last shop processed enough money in a week to pay the U. S. National Debt, and NONE of that money was ours. We had to be like Caesar's wife, Calpurnia. That is, not only be pure, but perceived to be pure by all who beheld us. Security was held to be far more important than performance by "The Powers That Be". ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
