On Sun, Oct 12, 2014 at 11:20 PM, Paul Gilmartin <[email protected]> wrote: > On Sun, 12 Oct 2014 23:57:59 +0100, z/OS scheduler wrote: >> >>My answer is NO, unless you want the same vulnerabilities that all the >>Mickey Mouse operating systems have! >> >>https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CB0QFjAA&url=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FShellshock_(software_bug)&ei=rQY7VJ3lDIbd7Qblz4GADQ&usg=AFQjCNFg343o1dRngjUfzO7Pl_6F8KM5dQ&sig2=NaRHO3oJUKwdR-o0GOpqeQ&bvm=bv.77161500,d.ZGU >> > Your choice of words betrays some bias tnat undermines your credibility. > > -- gil
I have my own biases. Some of which I will admit to, such as my dislike for MS-Windows. I think that everybody had biases. In my opinion the problem with the OP's post is more that he apparently thinks that BASH in and of itself will compromise z/OS security. This is likely due to the "shell shock" exploit, and the way that BASH is used to implement some processing in Linux, much like we in z/OS land use exit code. The exploit has already been patched against in the latest versions of BASH (including the z/OS version now on the CBT). BASH is not part of the OS itself. It is just a command processor. It is no more dangerous that the supplied UNIX command processor, /bin/sh. Which may, or may not, have some bug in it which can be exploited in some way. We can't tell because (1) we don't have the source to audit - unlike BASH; (2) nobody has yet found it; or (3) somebody has found one and is not publicizing it. I don't know why the OP has this association in his mind. And speculating on it would not be in anybody best interest. So I shall remain silent on this point. -- There is nothing more pleasant than traveling and meeting new people! Genghis Khan Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
