2008/7/15 Jim Mulder <[EMAIL PROTECTED]> wrote: > IBM Mainframe Discussion List <[email protected]> wrote on 07/14/2008 > 02:52:12 PM: > >> Indeed. Though in fairness, it must be pointed out that not every use >> of user key CSA is a security or integrity exposure. Distinguishing >> the many cases that are from those that are not is so difficult, >> though, that disallowing it by default is certainly the right thing to >> do. > > The only use I have ever seen that was not an exposure was a > VSMLIST testcase which obtained user key CSA, and then verified that > VSMLIST correctly described the storage. The reason that it was not > an exposure was that the testcase did not actually access the storage. > > It is, however, very common for product developers to think > (erroneously) that their use of user key CSA is not an exposure.
The classic case (no - we don't do this in our products, and no - I'm not saying it's a good idea) is to keep use or performance counts in this area, so they can be updated by non privileged routines. Yes, of course a malicious (or even careless) user can mess up the numbers, but I have trouble seeing it as an integrity exposure. One could perhaps argue that a malicious user could trick some other code into doing something it shouldn't by virtue of being able to place arbitrary data into this piece of CSA, but that is certainly the fault of that other code's doing a bogus validity check. That kind of checking went out of fashion with DEBCHK in 1974. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
