On 20 April 2010 11:01, Paul Gilmartin <paulgboul...@aim.com> wrote: > Summarizing what no one has stated absolutely clearly yet, supervisor > state is a hardware state, controlled by a bit in the PSW; authorized > is a software state defined by flags set by the OS reflecting bits > in the load module and the library from which it was loaded.
Right. But it's a bit more muddled than that, because some operating system services required that the caller be "authorized", but in many cases this authorization can be APF authorization (regardless of what machine state the program is running with), *or* being in supervisor state. Often enough these services will also accept running in a "system key" (generally a key < 8) as well. The bottom line is that an APF authorized program can get itself into supervisor state and/or a system key, and a program running in supervisor state can do absolutely anything with the machine, including reading or changing any data in main storage or on disk, bypassing all security, and even stopping the entire complex. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
