> HI! > > I am a little bit surprised. Nobody seems to have this problem!? > > Is Linux for zSeries (S/390) not vulnerable?
Think about what a virus, trojan or worm writer needs to develop his/her code. They all have a stock standard x86 PC. Do they have a S/390 or zSeries? (Ignoring Hercules for the moment.) Look at Code Red (I & II) and Nimda [1]. They inserted x86 code into MS IIS on an intel machine. Look at Bugbear - it's delivering MS specific code (exploiting an old Outlook exploit again). Most (is it as much or more than 95%) of infectious code is for MS WinXX on intel. Looking at recent Linux exploits; even the Apache SSL V1 Slapper probably wouldn't do anything more than take a segmentation fault on a S/390 or zSeries penguin (it was taking a segfault on my x86 SuSE Linux system before I patched it). The same goes for PowerPC and other non-intel archictectures. I think we also get some protection since Linux for zSeries is big-endian. So while security patches should be applied when available, I'm not sure, IMHO, that there is the same degree of urgency to apply them. Hercules does pose a risk, it gives the determined cracker an emulated platform to develop code that can exploit our platform. It runs on his stock standard x86 PC. Are they going to bother with Herc, when writing code to exploit x86 is so much easier? What are their motives? What do they get from writing this malicious code? Is this just the script kiddies with too much spare time? So the answer isn't "no" it is "less vulnerable". > If yes! > Why there are security fixes for Debian 3.0 for S/390? > > If not! > Is RH72 for S/390 insecurer than RH72 for x86? > It's all about assessing the risk vs the cost. You can probably take the NOARCH srpms and build from source if you're very paranoid or are running a very sensitive application. I agree with Mark Post's reply "If you've bought support, ask RedHat". Regards, Dougie Lawson -- ITS Technical Support SupportLine for IMS, DB2 & Linux [1] http://www.icir.org/vern/talks/vp-0wn-UCB.pdf
