On Thu, 8 Mar 2012 13:49:28 +0000, Pate, Gene wrote:

>You have your definition for 'backdoor', I have mine, Next.

That is the root of your confusion.  This thread is 
about a vendor creating a backdoor according to my 
definition.  You are "amazed at the uproar over this" 
because you applied your definition of what a "backdoor" 
is without considering the description of what the 
backdoor was in the original discussion.

>if they were APF authorized then they could
>by definition switch anyone or any task in the 
>system to supervisor state 

Yes, an APF authorized program can do that.  It can 
also create a "backdoor" (my definition) that any 
task in the system can walk through and get into 
supervisor state.  That is the objection that was 
raised, and it is a very different matter.

Since your definition of a "backdoor" is simply an 
intercept of a system routine, what would you call 
it when an authorized program creates an interface 
that any program can use to put itself into 
supervisor state?

>Now if they did this magic and they were NOT APF 
>authorized, then we have a lot to talk about here.

Of course they were authorized to be able 
to install their intercept.

>I have not seen the vendor code and cannot 
>comment on what it does or does not do or
>how much security checking it does or does 
>not perform before it does what it does.

That was Ed's point too.  Neither have I and 
it's the reason I said "alleged".

-- 
Tom Marchant

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
