On 3/2/2012 1:29 AM, David Cole wrote:
> If the PFLIH hook is (as it has been described earlier in these threads) a mechanism by which a non-authorized process can become authorized, then its very existence is a "substantive offense" in and of itself. It is not just "a template", it doesn't just show the way. It *is* the way.

A "magic" PFLIH technique is not substantially different, from an integrity standpoint, than a "magic" SVC except that the code gets control for EVERY interrupt and so has the potential to slow things down if not implemented efficiently. The presence of SVC IGX00011 on z/OS systems *proves* that so-called "magic" SVCs that "confer authority to their callers," while arguably not a 21st-century best practice, are NOT considered an exposure when implemented correctly. (Those last three words are very important!)

The real question is whether an unintended third party can use the code to become authorized. Unlike the "magic" SVCs of the past, I'm confident that IGX00011 cannot be exploited by unintended third parties. The same might very well be true of the PFLIH approach being discussed here, despite any speculation or hearsay to the contrary.

--
Edward E Jaffe
Phoenix Software International, Inc
831 Parkview Drive North
El Segundo, CA 90245
310-338-0400 x318
[email protected]
http://www.phoenixsoftware.com/
