On Tue, Nov 26, 2019 at 07:13:47PM +0000, Seymour J Metz wrote:
> If you have update access to APF authorized libraries then you could
> certainly write such a program, although a competent auditor would read
> you the riot act if he found out. Exploiting a program that follows the
> rules is harder.

Figuring out the "rules" is hard. Following them is harder. It's very easy to get an authorized function to usually work. Writing the code so that it works and fails correctly and is secure is much harder. For security it's usually best to let the hardware provide the security boundaries wherever possible (address space and protect keys).

Write access to an APF library on a personal test system is really useful for education, development, and trying out system services. A non-shared test system doesn't have system stability or security issues to be concerned about. But be very careful NEVER to run that type of code on shared systems.

I once traced instruction counts for a path of "hit enter once" type action. This involved turning on instruction fetch PER and disabled DAT off code to update a counter for each ASID/instruction address.
