On Tuesday, 02/05/2008 at 02:19 EST, David Boyes <[EMAIL PROTECTED]> wrote: > Commands exist and are shipped with the OS to examine the spool files > for other users. No commands are provided to examine pages written by CP > for other users. Both can be circumvented if you have access to the disk > containing the data, but it's a lot harder. Thus the "fairly easy" -- > give your id class B somehow, and you're done. Assembling a virtual > machine from pages on disk is a lot harder -- not for ordinary mortals. > > You're overreading the statement -- relax. It's a matter of comparative > degree.
Perhaps, but I don't take statements like that lightly. Our Common Criteria certifcation work, in fact, provides assurance that unprivileged users CANNOT get to others' spool or memory without their active cooperation. There is no "comparative degree". Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
