VM/370 Security

Tom Truscott trt at rti-sel.UUCP
Tue Dec 11 00:18:23 AEST 1984


> The main attractiveness of VM for secure systems is that VM itself is a
> very limited system, concerned almost solely with partitioning ...
This argument is compelling.  After all, VM concerns itself
with 'not sharing' (security) whereas MVS concerns itself with 'sharing'
(insecurity).  And VM's task is conceptually much simpler.

So I was surprised a few years ago to read a Datamation (?) article
by an IBM computer security person who said
that they 'warranted' the security of MVS but not VM.
That means IBM will fix any security hole found in MVS.

>From what I have heard MVS (with RACF) is much more secure than
MVF or MVT but only in the sense that security flaws are much more
obscure and difficult to exploit.  Perhaps VM, though potentially secure,
comes up short since VM users insist on sharing (minidisks, whatever)
and the hacks^H^H^H^Hmechanisms for so doing have security flaws.
	Tom Truscott



More information about the Comp.unix.wizards mailing list