Thomas Kern wrote:
That's why I like using something internal to the zSeries for zSeries
communications and automation. The source of the data can be trusted to not be
spoofed so you can authenticate that against a table of authorized users and be
safe. With the VMCF protocal (SMSG is just a commandline SENDX, right?) and the
IUCV protocal, CP handles the sizing of the data before the Linux code would
ever see it, leaving application developers to look elsewhere to code their
buffer overrun vulernabilities. It is unsniffable by the network spies so there
is no need for fancy CPU intensive encryption with public/private key
management.
I was thinking of something slippery like an ampersand, which might be
bad if fed unchecked to a shell commandline.
I don't think CP's idea of safe characters is quite he same as Unix's.
/Tom Kern
--- John Summerfied <[EMAIL PROTECTED]> wrote:
Looks like I need to fix myself:-)
Dave Jones wrote:
As Dr. Boyes suggests, using the open source IUCV driver is a very good
way of solving this type of problem. You can find it here:
http://www.sinenomine.net/vm/fsiucv
Another approach that might be applicable here is to have a simple
client, running on the Linux guest, and listening on a specific TCP
port. A server, running on VM, can then connect to the client and send
the client any number of Linux commands to execute. The client executes
the commands
Carefully, one hopes. We don't want this sort of thing getting out of
hand again (like rsh and any number of web apps), trusting user data and
so allowing unauthorised folk to do unauthorised things (and that
included authorised folk exceeding their authorisation).
--
Cheers
John
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
Please do not reply off-list
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
