Why is there a Clear_Tdisk option? Because not clearing T-disk poses a security problem. There is no such problem with V-disk.
Regards, Richard Schuh > -----Original Message----- > From: The IBM z/VM Operating System > [mailto:ib...@listserv.uark.edu] On Behalf Of Gentry, Stephen > Sent: Thursday, September 17, 2009 11:29 AM > To: IBMVM@LISTSERV.UARK.EDU > Subject: Re: TDISK and SYSTEM CONFIG question. > > I guess I should have read Richard's response closer. So, > I'll echo Dennis's question as well. > What security problem? > We do not have CLEAR_TDisk enabled. Every time we define a > t-disk, it HAS to be formatted, no exceptions. > Steve > > -----Original Message----- > From: The IBM z/VM Operating System > [mailto:ib...@listserv.uark.edu] On Behalf Of O'Brien, Dennis L > Sent: Thursday, September 17, 2009 2:15 PM > To: IBMVM@LISTSERV.UARK.EDU > Subject: Re: TDISK and SYSTEM CONFIG question. > > What "security problems" in T-Disk? If you enable > Clear_TDisk, there's no security problem. Even if the system > crashes while confidential data is on a T-disk, it's cleared > at IPL time before the T-disk space is eligible to be given to users. > > Dennis O'Brien > > My computer beat me at chess, but it was no match for me in > kickboxing. > > > -----Original Message----- > From: The IBM z/VM Operating System > [mailto:ib...@listserv.uark.edu] On Behalf Of Schuh, Richard > Sent: Thursday, September 17, 2009 08:22 > To: IBMVM@LISTSERV.UARK.EDU > Subject: Re: [IBMVM] TDISK and SYSTEM CONFIG question. > > If you have the page space to support it, you can get by > without TDSK space by using V-disk. It is always cleared very > quickly, by CP, before it is used and does not pose the > security problems that you find in T-disk. A large V-disk is > also faster to format than is a T-disk of equal capacity. > > Regards, > Richard Schuh > > > > > -----Original Message----- > > From: The IBM z/VM Operating System > > [mailto:ib...@listserv.uark.edu] On Behalf Of Alan Altmark > > Sent: Wednesday, September 16, 2009 6:51 PM > > To: IBMVM@LISTSERV.UARK.EDU > > Subject: Re: TDISK and SYSTEM CONFIG question. > > > > On Wednesday, 09/16/2009 at 07:14 EDT, "Gentry, Stephen" > > <stephen.gen...@lafayettelife.com> wrote: > > > > > Further, and in the same manual, it states that you can > clear each > > T-DISK > > > before it is reassigned. It depends on your point of > view but this > > seems > > > contradictory. Clear, in my opinion, means the T-DISK > > created with the > > DEFINE > > > command is completely cleared. Of course clearing cylinder 0, in > > > effect, > > makes > > > the area unreadable. Also one section of the manual seems > > to say that > > the area > > > is cleared at IPL time, the other section seems to say it > is cleared > > before it > > > is reassigned. > > > > Clearing cyl 0 only does not prevent you from reading the > other cyls > > on the volume; it simply stops you from mounting it in the "usual" > > fashion. > > > > The z/VM Secure Configuration Guide tells you to enable > CLEAR_TDISK in > > SYSTEM CONFIG. If you configure your system much the way it is > > described in that book, your auditor won't have any arguments with > > you. > > > > Alan Altmark > > z/VM Development > > IBM Endicott > > >
