× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2005

RE: Cool i5/OS Security News!!!!!!!!!

Patrick,

That is very good news. Now (in the spirit of "no good deed goes unpunished") 
how about fixing it so my users' unattended qshell sessions will timeout due to 
inactivity, observing QINACTITV as documented? 

When I opened a PMR (66586,082) they simply explained to me that it is because 
the session is not in DSPW status, therefore it is not a problem because 
everything is working as designed. When I submitted a DCR (MR022205327), five 
months later I received an acknowledgement that it should be changed, but no 
commitment to do so.

I haven't tested it, but I assume this problem would also exist in the PASE 
shell, since an idle session is not in DSPW status.

Sorry to rattle your cage in public like this, Patrick, but it looked like a 
good opportunity to bring this to someone's attention who might be able to do 
something about it. If IBM is going to pursue these fancy shmancy security 
certifications (which is a good thing) then perhaps they could also put some 
effort into closing the more mundane security holes.

Thanks,
-Marty

------------------------------

date: Mon, 15 Aug 2005 18:00:30 -0500
from: Patrick Botz <botz@xxxxxxxxxx>
subject: Cool i5/OS Security News!!!!!!!!!

...at least for me it's really cool :-) hopefully others will think so
too....

i5/OS has been OFFICIALLY certified for Common Criteria at Evaluation
Assurance Level 4 (EAL 4)!  This is the certification which most closely
matches the old US Government C2 rating.

http://niap.nist.gov/cc-scheme/st/ST_VID4035.html  contains all of the
details.
Also on this page is the e-mail of the IBMer who did the legwork to make
sure it all happened! Feel free to send him an "atta-boy" if you are so
inclined!

The following snippet was copied from this URL:
Product Name: IBM i5/OS V5R3M0 running on IBM eServer models 520, 550, and
570 with Software Feature Code 1930
Product Type: Operating System
Date: 10 August 2005
Conformance Claim: EAL 4 augmented with ALC_FLR.2

Patrick Botz
Senior Technical Staff Member
Rochester CTC, eServer Security Architecture & Consulting
iSeries Security Architect
(507) 253-0917, T/L 553-0917
CTC Fax # 507-253-2070
email: botz@xxxxxxxxxx

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.