MIDRANGE dot COM Mailing List Archive

RE: Browser vulnerability was: Design Change Requests


> From: rob@xxxxxxxxx
> And I will continue to believe so, just as I believe that Joe's perception
> that none of IBM's "integrity" ptf's are out there for security purposes
> is flawed because of his strict bias that i5/os has no security leaks that
> have ever needed to be fixed because it is not susceptible to "buffer
> overruns".

Whoa, I say WHOA there, pardner!

My point way back then was that none of the integrity PTFs you pointed to
could be incontrovertibly linked to a security exploit.  You may believe
some of them are, but the ones I reviewed could easily be explained by
issues that had nothing to do with security, but were in fact "integrity"
related; without the PTF, the system would break.

Your statement of my position above is incorrect.  It is true that the
typical MS flaw is the buffer overrun which cause malicious code to get
executed, and that this cannot happen on i5/OS.  But that has little to do
with my contention that there are nearly zero security exploits on i5/OS.
My contention is instead borne of the fact that the operating system is
designed with object-level security from the ground up, and that it's nearly
impossible to inject virus code into the system through any of the attack
vectors that are so vulnerable in MS systems (buffer overrun being one,
rootkits being another, images another, fonts evidently yet another).

Does this mean that there are no security exploit PTFs?  Certainly not.
There have been security breaches in OS/400, and I can think of one in
particular that required a PTF to fix it: There once was a HUGE exploit in
which the password of a signed-on user was stored in the clear for anyone to
see (anyone with a little knowledge and the ability to dump memory).  You
can talk to Leif about any number of ways to exploit the single store
architecture, but most of those require a programmer with a knowledge of the
operating system.  That's not an excuse, but anybody with programming rights
on a Windows machine can pretty much peel it like an onion.  However, my
contention still stands that you were incorrect in your implication that
all, most or even a significant portion of PTFs marked "integrity" are
security PTFs, and I stand by that until you prove otherwise.

As a second point, how there are STILL buffer overruns in Microsoft code is
a clear indication that Microsoft has no control over its own software
quality; a buffer overrun is perhaps the single easiest thing to check, yet
evidently no Microsoft programmer was ever taught how to do it. These latest
nasty bits about non-secure callbacks embedded in fonts and images are
simply another example of shoddy programming.


Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2015 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact