In <4f724ce6.9030...@kr-inc.com>, on 03/27/2012 at 06:27 PM, Ray Overby <ray.ove...@kr-inc.com> said:
>Lets say there is a SVC that when you IPL your z/OS system it is >installed and available for use (i.e - any one can issue the SVC). >The SVC either came with z/OS or your system programmers installed >it because of an ISV product your company purchased or its an >in-house written program. For this example lets assume one of your >TSO users will attempt to exploit this vulnerability. You're begging the question; you haven't mentioned a vulberability yet. >Like any SVC when invoked it will get control in an authorized state > (PSW Key 0). Further this SVC issues a STM instruction very early >in the SVC code storing into where ever R13 points to. That's only a vulnerability if such an SVC exists. You haven't shown that. No SVC in z/OS that I'm aware of has such an STM. It would certainly violate IBM's statement of integrity. >This type of defect is easily exploited Only if it exists. -- Shmuel (Seymour J.) Metz, SysProg and JOAT ISO position; see <http://patriot.net/~shmuel/resume/brief.html> We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN