Ease of administration

Kragen Sitaker kragen@dnaco.net
Mon, 3 Jul 2000 16:19:47 -0400 (EDT) 

--=121411=--
Content-Type: text/plain

Some comments on security add-ons for IBM MVS.

We can do better than this, I think; new EROS programs will know what
kinds of capabilities they need, and part of the process of making
factories for them will be sealing the right capabilities into the
factory, analogous to linking with libraries.  (In fact, linking with
libraries could be accomplished by exactly this mechanism.)  Therefore,
trying to build a factory for a program that needs a serial-line
capability, without supplying either a serial-line capability or a
simulator thereof, will give you a link-time error.

Unix programs won't necessarily know what files they need access to,
although strace and friends should help some with that.

--=121411=--
Content-Type: message/rfc822

Path: news-east.usenetserver.com!cyclone1.usenetserver.com!cyclone1.usenetserver.com!news-peer.gip.net!news.gsl.net!gip.net!news.voicenet.com!news2.voicenet.com.POSTED!not-for-mail
Newsgroups: alt.folklore.computers
From: nospam@nowhere.com   (Steve Myers)
Subject: Re: S/360 public domain stuff?
Reply-To: nospam@nowhere.com  (Steve Myers)
References: <8jooc0$nks@netaxs.com> <962590003.847276@shelley.paradise.net.nz> <C7F682DDE7EA1E20.8AFA4662C41770BF.A4E666289592A014@lp.airnews.net> <396007A6.6775D848@macquarie.com.au> <38E8DCD71A34D7E8.2E1E21E287805A7B.1AC841334EA5EF56@lp.airnews.net> <vQZ75.128$ul2.35883@news3.voicenet.com> <278929DB77D73418.93E4A8FB2C50F62D.9CB968DF9ECC6622@lp.airnews.net> <8I385.6$aQ5.2979@news2.voicenet.com> <21C30E78FE5FB3C4.E1662BD14BDCE449.3298DF6E7B47CD1F@lp.airnews.net>
X-Newsreader: IBM NewsReader/2 v1.2.5
Lines: 19
Message-ID: <ot585.10$aQ5.4089@news2.voicenet.com>
Date: Mon, 03 Jul 2000 19:04:52 GMT
NNTP-Posting-Host: 209.71.88.51
X-Complaints-To: abuse@voicenet.com
X-Trace: news2.voicenet.com 962651092 209.71.88.51 (Mon, 03 Jul 2000 15:04:52 EDT)
NNTP-Posting-Date: Mon, 03 Jul 2000 15:04:52 EDT
Xref: cyclone1.usenetserver.com alt.folklore.computers:38229

Both ACF2 and RACF have a warn mode to help you get started with resource
access.  If I remember correctly, ACF2 has a logging mode when it throws
SMF records, but no messages, when it does not like something.  So, you
don't have to have it exactly right when you start both RACF and ACF2.

RACF allows individual access rules to have what amounts to a warn mode.

-- Steve Myers

In <21C30E78FE5FB3C4.E1662BD14BDCE449.3298DF6E7B47CD1F@lp.airnews.net>, jmaynard@thebrain.conmicro.cx (Jay Maynard) writes:
>On Mon, 03 Jul 2000 17:04:04 GMT, Steve Myers <nospam@nowhere.com> wrote:
>>The ACF2 "secure by default" idea is valid.  In fact, it is the way to go,
>>and that is the way many, if not all, RACF shops now operate.
>
>The problem is not running it once it's all set up, but the transition
>period. Unless you get it *exactly* right, the first time, you have
>problems. Yes, RACF is theoretically less secure...but if the choice is
>between unsecure and running, and secure and down, I know which I'd pick.


--=121411=----

-- 
<kragen@pobox.com>       Kragen Sitaker     <http://www.pobox.com/~kragen/>
The Internet stock bubble didn't burst on 1999-11-08.  Hurrah!
<URL:http://www.pobox.com/~kragen/bubble.html>
The power didn't go out on 2000-01-01 either.  :)