|
Journaling is at the MI-interface, so why wouldn't CRTS create an journal entry?. (I could be wrong, but I think not). How about many other objects created at the MI, aren't they journaled? [journaling is not something I have studied, so I want to be educated, but not with guesses :-) ] ----- Original Message ----- From: srichter <srichter@mail.autocoder.com> To: <mi400@midrange.com> Sent: Saturday, October 20, 2001 6:58 PM Subject: Re: [MI400] permanent spaces > Leif, > > An informed guess ... > > I assume you mean creating spaces using the CRTS instruction, since QUSCRTUS works at all security levels. > > The restricted use of CRTS at sec 40+ enables the logging of all object creates in the security audit journal. QUSCRTUS logs in the audit journal. CRTS does not. > > -Steve Richter > > > ---------- Original Message ---------------------------------- > From: "Leif Svalgaard" <leif@leif.org> > Reply-To: mi400@midrange.com > Date: Sat, 20 Oct 2001 18:42:21 -0500 > > >can't be as that would pertain to ANY permanent object then. > >Furthermore the authority bits are no longer in the pointer. > > > >----- Original Message ----- > >From: Steve Glanstein <mic@aloha.com> > >To: <mi400@midrange.com> > >Cc: Leif Svalgaard <leif@leif.org> > >Sent: Saturday, October 20, 2001 4:18 PM > >Subject: RE: [MI400] permanent spaces > > > > > >> I think it has something to do with the fact that the DOD standards for C2 > >> security require complete auditing of security authority, including its > >> transfer between users. > >> > >> Security authority is in the pointer. Therefore the creation of permanent > >> space objects would violate this principle. > >> > >> Steve Glanstein > >> mic@aloha.com > >> > >> > >> > -----Original Message----- > >> > From: mi400-admin@midrange.com [mailto:mi400-admin@midrange.com]On > >> > Behalf Of Leif Svalgaard > >> > Sent: Saturday, October 20, 2001 8:52 AM > >> > To: MI400 List > >> > Subject: [MI400] permanent spaces > >> > > >> > > >> > While we are the subject of spaces. why is it that permanent space > >> > objects cannot be created by user state programs when the security > >> > level is 40 or above? where is the security breach? > >> > > >> > > >> > _______________________________________________ > >> > This is the MI Programming on the AS400 / iSeries (MI400) mailing list > >> > To post a message email: MI400@midrange.com > >> > To subscribe, unsubscribe, or change list options, > >> > visit: http://lists.midrange.com/cgi-bin/listinfo/mi400 > >> > or email: MI400-request@midrange.com > >> > Before posting, please take a moment to review the archives > >> > at http://archive.midrange.com/mi400. > >> > > >> > > >> > > > >_______________________________________________ > >This is the MI Programming on the AS400 / iSeries (MI400) mailing list > >To post a message email: MI400@midrange.com > >To subscribe, unsubscribe, or change list options, > >visit: http://lists.midrange.com/cgi-bin/listinfo/mi400 > >or email: MI400-request@midrange.com > >Before posting, please take a moment to review the archives > >at http://archive.midrange.com/mi400. > > > > > _______________________________________________ > This is the MI Programming on the AS400 / iSeries (MI400) mailing list > To post a message email: MI400@midrange.com > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/cgi-bin/listinfo/mi400 > or email: MI400-request@midrange.com > Before posting, please take a moment to review the archives > at http://archive.midrange.com/mi400. >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
