|
Hey, Joe I don't know what is involved, but it is said that if you do not pass the so-called "omissible" parameter to the CEE* APIs, a machine lock-up is possible. The docs says that if you "omit" the parameter, you must pass a null pointer. (This does not seem like the meaning of "omit", but what do I know?) This is not something I found at IBM, I believe I was told this by a support person. But this does give anyone "control of the computer", it causes a hang. I do not believe this is FUD. Vern -------------- Original message -------------- From: "Joe Pluta" <joepluta@xxxxxxxxxxxxxxxxx> > Ick. I hate these conversations, because in most cases we're just "agreeing > in a loud tone of voice" . > > Anyway, let me clarify a specific point and then we can move on. One of the > primary security breaches in Windows is through buffer overruns: the idiot > who programmed the code didn't check for data running over the end of the > buffer, and carefully crafted requests can then put executable code where it > shouldn't be and cause bad things to happen. > > This cannot happen on an iSeries. You can't do it. Feel free to prove me > wrong, and I'll be happy to eat crow, because you'll be uncovering a > security hole that's existed for over 25 years. The point is that the > iSeries for all intents and purposes is a non-Von Neumann machine (as were > all its predecessors back as far as the S/38), and so is not prey to buffer > overruns. I'm not going to argue the technicalities, but if you can ever > create an iSeries buffer overrun exploit, I'll retract my statement. > > So, from this standpoint, the standpoint of operating system stability, > i5/OS (nee OS/400, nee CPF) is more secure than Windows. This is not > opinion, it's simple fact. > > Second, yes, people can create unsecured iSeries environments. Leave the > default password on QSECOFR, that's a great way. Hell, any machine that is > not physically secured is subject to security breach (something people > amazingly forget -- they secure the heck out of their network then leave the > door to the computer room unlocked). But my point on that is that you are > more likely to have a non-IT person do something stupid on their desktop > than you are to have your iSeries mismanaged by professional IT staff (of > course, this depends on your IT staff ). > > So, from this standpoint, the standpoint of user engineering, again the > iSeries is more secure. Again, not really subject to debate, is it? > > Joe > > > > From: Bob Crothers > > > > Joe, just because a thing hasn't been done is no reason to assume it cant > > be done. > > > > Is the iSeries more secure than most windows boxes? Yes. No argument from > > me on that. > > > > But is it hack proof? No. Not at all. > > > > And you are also assuming that the people who control the box know what > > they > > are doing. I deal with a lot of iSeries shops around the country...and I > > can assure you that they are NOT all "well run secure machines". Some are > > down right scary in fact. > > > -- > This is the PC Technical Discussion for iSeries Users (PcTech) mailing list > To post a message email: PcTech@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/pctech > or email: PcTech-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/pctech.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
