× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MI400
  3. October 2001

Re: permanent spaces

Leif,

An informed guess ...

I assume you mean creating spaces using the CRTS instruction, since QUSCRTUS 
works at all security levels.

The restricted use of CRTS at sec 40+ enables the logging of all object creates 
in the security audit journal. QUSCRTUS logs in the audit journal. CRTS does 
not.

-Steve Richter


---------- Original Message ----------------------------------
From: "Leif Svalgaard" <leif@leif.org>
Reply-To: mi400@midrange.com
Date: Sat, 20 Oct 2001 18:42:21 -0500

>can't be as that would pertain to ANY permanent object then.
>Furthermore the authority bits are no longer in the pointer.
>
>----- Original Message -----
>From: Steve Glanstein <mic@aloha.com>
>To: <mi400@midrange.com>
>Cc: Leif Svalgaard <leif@leif.org>
>Sent: Saturday, October 20, 2001 4:18 PM
>Subject: RE: [MI400] permanent spaces
>
>
>> I think it has something to do with the fact that the DOD standards for C2
>> security require complete auditing of security authority, including its
>> transfer between users.
>>
>> Security authority is in the pointer. Therefore the creation of permanent
>> space objects would violate this principle.
>>
>> Steve Glanstein
>> mic@aloha.com
>>
>>
>> > -----Original Message-----
>> > From: mi400-admin@midrange.com [mailto:mi400-admin@midrange.com]On
>> > Behalf Of Leif Svalgaard
>> > Sent: Saturday, October 20, 2001 8:52 AM
>> > To: MI400 List
>> > Subject: [MI400] permanent spaces
>> >
>> >
>> > While we are the subject of spaces. why is it that permanent space
>> > objects cannot be created by user state programs when the security
>> > level is 40 or above?  where is the security breach?
>> >
>> >
>> > _______________________________________________
>> > This is the MI Programming on the AS400 / iSeries (MI400) mailing list
>> > To post a message email: MI400@midrange.com
>> > To subscribe, unsubscribe, or change list options,
>> > visit: http://lists.midrange.com/cgi-bin/listinfo/mi400
>> > or email: MI400-request@midrange.com
>> > Before posting, please take a moment to review the archives
>> > at http://archive.midrange.com/mi400.
>> >
>> >
>>
>
>_______________________________________________
>This is the MI Programming on the AS400 / iSeries (MI400) mailing list
>To post a message email: MI400@midrange.com
>To subscribe, unsubscribe, or change list options,
>visit: http://lists.midrange.com/cgi-bin/listinfo/mi400
>or email: MI400-request@midrange.com
>Before posting, please take a moment to review the archives
>at http://archive.midrange.com/mi400.
>
>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.