On Mon, 16 Mar 2015 15:05:37 -0500, Paul Gilmartin <[email protected]> wrote:
>When I whined about the "(how?)" in connection with SMP/E a few years ago, >before I knew even what little I now suspect about the nature of the weakness, >Walt replied with words similar to "reasonable caution". I take that to mean >that whatever flaw, it's (perhaps) susceptible to malicious exploitation, but >highly unlikely to be triggered inadvertently. Exactly. It is not specifically that the programs may misbehave, but that the users may misbehave. If you trust the users not to misbehave, then you can safely let them run the program. If you don't trust them, then you should not let them run it. I do wish that IBM would describe the exact nature of the possible user misbehavior. Then folks like Charles would know more about the kind of program behavior they need to consider when deciding whether it's safe to invoke a program while running APF-authorized. Of course, if the possible user misbehavior were described in detail, then the malicious users would also know more about how to look for such potentially exploitable situations. That makes it difficult to convince everyone to improve that documentation. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
