VM/370 Security

Mike Eager eager at amd.UUCP
Thu Dec 20 11:11:08 AEST 1984


> So I was surprised a few years ago to read a Datamation (?) article
> by an IBM computer security person who said
> that they 'warranted' the security of MVS but not VM.
> That means IBM will fix any security hole found in MVS.
> 
> From what I have heard MVS (with RACF) is much more secure than
> MVF or MVT but only in the sense that security flaws are much more
> obscure and difficult to exploit.  Perhaps VM, though potentially secure,
> comes up short since VM users insist on sharing (minidisks, whatever)
> and the hacks^H^H^H^Hmechanisms for so doing have security flaws.
> 	Tom Truscott

MVS is substantially more secure than MVT or MFT or the other OS/360 or DOS
operating systems, having plugged most of the glaring holes.  Sometime I'll
tell about how I used to tell the operating system to use my open exit, then
I'd finagle getting returned in supervisor mode.  Ah, history.

There was an IBM Systems Journal some years ago which had a set of articles
about VM security.  I have the feeling that it should be quite easy to verify 
that VM is secure, in the sense that one user cannot obtain or alter the data
of another user without permission.  Sharing mini-disks requires that 
permission.



More information about the Comp.unix.wizards mailing list