... Specifically, z/OS “System Integrity” is defined as the inability of any program not authorized by a mechanism under the installation’s control to circumvent or disable store or fetch protection, access a resource protected by the z/OS Security Server (RACF®), or obtain control in an authorized state; that is, in supervisor state, with a protection key less than eight (8), or Authorized Program Facility (APF) authorized.
Does this cover a UNIX user's escalating privileges to root? None of "circumvent or disable store or fetch protection", "in supervisor state", "with a protection key less than eight (8)", nor "Authorized Program Facility (APF) authorized" would seem to apply -- I believe root relies none of these. Is root covered by the remaining "access a resource protected by the z/OS Security Server (RACF®)"? Or would a clarification be in order? At least nowadays the SoI ought to mention UNIX. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
