You may find this useful:

https://public.dhe.ibm.com/partnerworld/pub/misc/coding_for_system_integrity_in_zOS_for_isvs.pdf#!

--Art Celestini


At 05:11 PM 11/30/2013, Jim Thomas wrote:
 
>Chris,
>
>Thank you for your reply sir ... I concur w/your suggestions and no, I am not 
>and will not do so.
>
>That said, w/regard to TPROT, I've had a localized routine that I wrote before 
>the hardware got involved.
>
>Again, thank you for your suggestions.
>
>Kind Regards.
>
>Jim Thomas
>
>-----Original Message-----
>From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On 
>Behalf Of Blaicher, Christopher Y.
>Sent: Saturday, November 30, 2013 3:53 PM
>To: IBM-MAIN@LISTSERV.UA.EDU
>Subject: Re: Un-authorized caller calling authorized services.
>
>There are a number of things you need to do to prevent an integrity exposure.  
>At one point I saw a presentation by IBM on this, but right now I can't place 
>my hands on it.  If I do find it, I will post it.  Here are the main points of 
>it, as I remember them.
>
>- Don't ever read data from a caller's address space when you are not in the 
>caller's key.  As an SVC or PC your routine can be entered in key 
>zero/supervisor state, i.e., you are a god and can do anything you want.
>
>- Don't EVER, EVER write data to a caller's address space when you are not in 
>the caller's key.
>
>- You may have written the routine for your exclusive use, but don't 
>assume/think/hope that no one else is going to find it.  Someone will and then 
>they will try to exploit it or use it for nefarious purposes.
>
>- TPROT data areas to be referenced.
>
>Let's assume the interface calls for R1 pointing to a two word parameter list.
>First of all, the words pointed to by R1 may be outside of his address space, 
>so you want to verify their location is valid.  Then the individual parms may 
>or may not point to valid data in his address space.
>
>The original presentation went into about 10 different ways a nefarious user 
>can try to get your valid routine to do something bad.  Maybe Peter Relson has 
>access to it and can post it.
>
>Chris Blaicher
>Principal Software Engineer, Software Development Syncsort Incorporated
>50 Tice Boulevard, Woodcliff Lake, NJ 07677
>P: 201-930-8260  |  M: 512-627-3803
>E: cblaic...@syncsort.com
>
>
>-----Original Message-----
>From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On 
>Behalf Of Jim Thomas
>Sent: Saturday, November 30, 2013 3:09 PM
>To: IBM-MAIN@LISTSERV.UA.EDU
>Subject: Re: Un-authorized caller calling authorized services.
>
>Forgive me, 
>
>I have an authorized service that I've written but needs to be able to allow 
>un-authorized callers to use.
>
>Could anybody please provide any direction on the best way to implement this? 
>I've already looked at PC's (which might be fine) and having a server type 
>address space (not something I want to do).
>
>I just want to use an acceptable API or venue of sorts. 
>
>Lastly, a while back, I'd posted an email asking how to get a product SMP/E 
>installable and while I never got any responses per se, I did get one offline 
>email from someone that faced the same issues as I did.
>
>To that person, if you happen to read this, please re-contact me offline. I 
>apologize but I lost your email but have some information for you. 
>
>Kind Regards.
>
>Jim Thomas
>j...@thethomasresidence.us 
>

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
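
The two-word parameter list check described in the quoted reply, as an added example that is not part of the original thread and is not z/OS code: a simplified C model of key-controlled storage in which the service checks the list and each pointer against the caller's key before touching them. The page layout, `caller_ok`, `service` and the reject codes are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model, not z/OS code: four 4K pages, each with a storage key
   and a fetch-protection flag. Assumes the caller's key is nonzero. */
#define PAGE 4096u
#define SIZE (4u * PAGE)
static uint8_t storage[SIZE];
static const struct { uint8_t key, fetch_prot; } pages[4] = {
    {0, 1}, {8, 0}, {8, 0}, {0, 0}
};

/* May a program running in caller_key touch [addr, addr+len)? Stores need a
   key match; fetches also succeed on pages that are not fetch-protected. */
static int caller_ok(uint32_t addr, uint32_t len, uint8_t caller_key, int store)
{
    if (len == 0 || addr >= SIZE || len > SIZE - addr)
        return 0;                            /* outside storage, or wraps */
    for (uint32_t p = addr / PAGE; p <= (addr + len - 1) / PAGE; p++)
        if (pages[p].key != caller_key && (store || pages[p].fetch_prot))
            return 0;
    return 1;
}

/* Hypothetical service: r1 -> two words {input address, output address};
   copies 8 bytes from input to output. Returns 0, or a reject code 1..3. */
int service(uint32_t r1, uint8_t caller_key)
{
    uint32_t parm[2];
    if (!caller_ok(r1, sizeof parm, caller_key, 0))
        return 1;                            /* list itself not readable */
    memcpy(parm, &storage[r1], sizeof parm); /* snapshot: validate the copy */
    if (!caller_ok(parm[0], 8, caller_key, 0))
        return 2;                            /* input not readable by caller */
    if (!caller_ok(parm[1], 8, caller_key, 1))
        return 3;                            /* output not writable by caller */
    memmove(&storage[parm[1]], &storage[parm[0]], 8);
    return 0;
}

int main(void)
{
    uint32_t good[2] = {PAGE + 64, 2 * PAGE}, bad[2] = {PAGE + 64, 3 * PAGE};
    memcpy(&storage[PAGE], good, sizeof good);
    memcpy(&storage[PAGE + 16], bad, sizeof bad);
    printf("%d %d %d\n", service(PAGE, 8), service(PAGE + 16, 8), service(0, 8));
    return 0;
}
```

The list is copied once and only the copy is validated and used, so a caller cannot swap a pointer between the check and the access.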
