On Fri, 21 Aug 2015 11:22:31 -0600, Paul Gilmartin <[email protected]> wrote:
>On 2015-08-21, at 11:05, Mark Zelden wrote: >> >>>> filesystem <uc_name>.TPLEX.ZFS >>>> >>> Beware also of "uc_name", which allows a nuisance (perhaps inadvertent) >>> DoS attack. Prevent this with either "charcase lower" or "charcase upper" >>> (or "asis_name"), at the cost of losing some flexibility in naming. >>> >>> (Would asis_name with DISABLE(DSNCHECK) also work?) >>> >> >> Can you please expound on that and provide an example of how this can >> be used to DoS my systems? BTW, I've seen this in many IBM examples, >> manuals, presentations etc. >> >(And long ago, MVS-OE mentioned "charcase lower" as a preventive.) > >Suppose you have "/u/mzelden". While it's unmounted I do "cd /u/MZelden". >Automount issues (something like) an ENQ EXC on MZELDEN.TPLEX.ZFS. >While that's in effect you can't mount "/u/mzelden". Not a DoS of your >entire system, just of your HOME. (At least this applied to HFS; zFS >might be different.) > So, OMVS / ZFS address spaces have the access and it gets mounted in a microsecond on my very fast z13 with flash disk. :-) But seriously, where's the exposure? Best Regards, Mark -- Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS ITIL v3 Foundation Certified mailto:[email protected] Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html Systems Programming expert at http://search390.techtarget.com/ateExperts/ Where's the exposure? Mark Best Regards / Mit freundlichen Grüßen, Mark -- Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS ITIL v3 Foundation Certified mailto:[email protected] Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html Systems Programming expert at http://search390.techtarget.com/ateExperts/ ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
