On 3/4/2012 10:24 AM, Shmuel Metz (Seymour J.) wrote:
The presence of SVC IGX00011 on z/OS systems *proves* that
so-called "magic" SVCs that "confer authority to their callers,"
The ESR's do not"confer authority to their callers," but rather invoke
narrowly defined functions. The so-called "magic" SVC's return to
their callers in a more privileged mode.
Look more closely. That is exactly what IGX00011 does. It is called in problem
state and returns in supervisor state.
are NOT considered an exposure when implemented correctly.
I have yet to see one that was implemented correctly.
You need to look more closely at IGX00011. Hint: the "secure" implementation is
not just in the SVC(ESR) routine itself but also in the caller which discards
all information it had before the SVC(ESR) invocation, including base register
contents, etc. and starts over with a clean slate.
--
Edward E Jaffe
Phoenix Software International, Inc
831 Parkview Drive North
El Segundo, CA 90245
310-338-0400 x318
[email protected]
http://www.phoenixsoftware.com/
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
