On Mon, 13 Jul 2015 15:46:08 -0700 Charles Mills <[email protected]> wrote:
:>Probably more likely to do inadvertent "storage" damage with Key 0 ("oops, I
:>forgot that subroutine destroys R2") than to do inadvertent "you shouldn't
:>use that op code" damage with supervisor state.
If you were going to SPKA in APF code, you would MODESET anyway.
:>I think inadvertent "oops's" are the issue here. If you are malicious, then
:>if you have APF authorization all bets are off.
What kind of oops would supervisor state alone allow?
:>-----Original Message-----
:>From: IBM Mainframe Discussion List [mailto:[email protected]] On
:>Behalf Of Binyamin Dissen
:>Sent: Monday, July 13, 2015 2:43 PM
:>To: [email protected]
:>Subject: Re: SYSTEM KEY Programming Was: IVSK and SPKA
:>On Mon, 13 Jul 2015 16:51:33 -0400 "Shmuel Metz (Seymour J.)"
:><[email protected]> wrote:
:>:>Au contraire, it is unwise to run i Supervisor when you don't need it.
:>:>Honor the Principle of Least Privilege and keep it holy.
:>Actually, it is quite inefficient to keep switching in and out of supervisor
:>state. Supervisor state alone does not give you much more ability for
:>mischief than APF.alone.
--
Binyamin Dissen <[email protected]>
http://www.dissensoftware.com
Director, Dissen Software, Bar & Grill - Israel
Should you use the mailblocks package and expect a response from me,
you should preauthorize the dissensoftware.com domain.
I very rarely bother responding to challenge/response systems,
especially those from irresponsible companies.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
