On Mon, 12 Mar 2012 16:08:39 +0000, Bill Fairchild <[email protected]> wrote:
>Writing an EOF record at the beginning of the data set does indeed "help >prevent programs from reading old data when a data set is read immediately >after being allocated", but the way it does this results in preventing the >reading of old data only from the first track. If a program can read beyond >this first track (which is not difficult to do even in an unauthorized >program), then the program can still read all the rest of the old data in the >allocated tracks. The only way truly to prevent a program from reading any of >the old data is to erase each allocated track, either when the old data set is >deleted or when the new data set is allocated. Erasing is a very expensive >process in terms of DASD utilization and elapsed time, which is why it is >almost never done. This is perhaps another example of "security through >obscurity", which has been discussed lately under thread subjects starting >with " Program FLIH backdoor ". I call it obscurity since getting beyond the >first! track deters most programs, but is not difficult if you know the "obscure" fact that it is quite easy to do if you want to. It may be "security by obscurity", Bill, but it's not something perpetrated by IBM, in my opinion. We document that Erase on Scratch exists, and why it should be used, and that (depending on the DASD you're using) if you don't use that function old data can be exposed. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
