Let me play devil's advocate for just a minute. WHAT would actually constitute a "virus" in a VM/CMS environment?
We don't have the "backdoors" and "automatic program execution" stuff that comes out of Redmond, so you don't have to worry about, for example, XEDITing a file and it launching a program without your approval that formats your 191 disk. I suppose someone could create a PROFILE XEDIT that actually DOES format your 191 disk, but they cannot "introduce it to you" without you taking very specific actions, i.e. RECEIVE the file from the RDR. Is it reasonable to assume that, in 2009, CMS users know what EXEC, XEDIT, and MODULE files do? How would such a "virus" be detected? Is any program that executes the FORMAT command (for example) going to be considered "dangerous"? That would flag probably 50 or more legitimate execs that I use in production to manage the system. I just don't see the term "virus" being applicable in a VM/CMS environment. Perhaps "malicious executable" sent by a known entity, received by the recipient and executed with their explicit knowledge (EXEC/MODULE) or implicit knowledge (XEDIT macros). -Mike -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Kern Sent: Wednesday, November 26, 2008 1:33 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Virus Software for z/VM NFS was not allowed when we designed the process. NFS is still not on Cyber-Security's list of approved processes. If I were tasked to change this process today, I would move the storage and webserving to a linux server on an IFL after I get CLAMAV working there. But that kind of tasking has not come down yet. /Tom Kern On Wed, 26 Nov 2008 11:23:49 -0700, Jack Woehr <[EMAIL PROTECTED]> wrote: >Thomas Kern wrote: >> >> I would not want something like McAfee or Norton that run all the >> time looking at all the files, interfering with all work. I would >> want something like CLAMAV which will scan what I want, when I want >> and NO MORE. >Why not just NFS share your SFS disks and let the workstation based >scanner scan 'em? > >-- >Jack J. Woehr # "Sen. Obama has achieved a great >http://www.well.com/~jax # thing for him and for his country." >http://www.softwoehr.com # - Sen. John McCain
