Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site rti-sel.UUCP
Path: utzoo!watmath!clyde!bonnie!akgua!mcnc!rti-sel!trt
From: trt@rti-sel.UUCP (Tom Truscott)
Newsgroups: net.unix-wizards,net.rumor
Subject: Re: VM/370 Security
Message-ID: <34@rti-sel.UUCP>
Date: Mon, 10-Dec-84 09:18:23 EST
Article-I.D.: rti-sel.34
Posted: Mon Dec 10 09:18:23 1984
Date-Received: Wed, 12-Dec-84 17:30:41 EST
References: <3558@ecsvax.UUCP> <1539@sdcrdcf.UUCP>
Organization: Research Triangle Institute, RTP, NC
Lines: 17
Xref: watmath net.unix-wizards:10965 net.rumor:585

> The main attractiveness of VM for secure systems is that VM itself is a
> very limited system, concerned almost solely with partitioning ...
This argument is compelling.  After all, VM concerns itself
with 'not sharing' (security) whereas MVS concerns itself with 'sharing'
(insecurity).  And VM's task is conceptually much simpler.

So I was surprised a few years ago to read a Datamation (?) article
by an IBM computer security person who said
that they 'warranted' the security of MVS but not VM.
That means IBM will fix any security hole found in MVS.

>From what I have heard MVS (with RACF) is much more secure than
MVF or MVT but only in the sense that security flaws are much more
obscure and difficult to exploit.  Perhaps VM, though potentially secure,
comes up short since VM users insist on sharing (minidisks, whatever)
and the hacks^H^H^H^Hmechanisms for so doing have security flaws.
	Tom Truscott