First off, if the hypothetical malicious program that you are worried about is running authorized, then all bets are off. APF is the skeleton key to all of the locks in the kingdom. Reading random name/token pairs is the least of the problems.

> How difficult is it to "guess" the name?

If the name the programmer has chosen is p@ssw0rd then pretty easy. If the chosen name is some quasi-random 64-bit number, then not so much. IOW, it's up to you how easy to guess.

Can you chase a control block chain and read all of the pairs? I am going to guess yes, so, a prudent programmer might put a pointer into the name/token pair and encrypt the data that the pointer pointed to. Not sure if encrypting the name buys anything, but perhaps I have not thought it through sufficiently.

Charles

On Sun, 8 Dec 2024 23:07:22 +0000, Richard Zierdt <richard.zie...@freschesolutions.com> wrote:

>Name/Token pairs are pretty useful, but how secure are they?
>
>If created on a system level (IEANTCR, IEANT_SYSTEM_LEVEL) could any address
>space access the pair if the name was known? I presume yes. How difficult is
>it to "guess" the name?
>
>Is there a control block chain of name/token pairs that any (authorized /
>unauthorized) program can "read" to see every name/token in the system,
>regardless of level, or just those pairs created with system level ?
>
>If no, and the pairs are safely hidden away and/or encrypted, then fine.
>If yes, then it's an open book, and care might be taken before putting
>sensitive data in the token.
>
>However, even if these pairs are an open book, the token could be encrypted by
>the creator. Same with the name.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN