And this IMHO is why the shared access to OS control blocks without access controls makes z/OS less secure than a Linux Kernel which is locked down. I think the clarification is cover for “we have a significant read-only vulnerability” that needs to be corrected. Giving away information that shares attack vectors makes an attacker’s job easier.
Matt Hogstrom PGP key 0F143BC1 > On Feb 4, 2022, at 06:42, Radoslaw Skorupka <r.skoru...@hotmail.com> wrote: > > IBM's clarification: the information in PARMLIB is accessible to any > non-privileged user via control blocks, CVT, etc. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
