On Wed, Jul 21, 2021 at 09:36:37AM -0700, James H. H. Lampert wrote:
> "Immutable backups." Interesting concept. But how?
.......
OS/400 was before my time, but I have a limited experience with z/VM
which ran at z9 mainframe about 10 years ago.
I wrote security software for z/VM's ancestors VM/XA and VM/SP. I read years ago of trojan proof-of-concept code for the MVS series OSs from IBM. It could be done but of course was an insider attack.
One day certain IBM
engineer somehow managed to execute a certain job from one LPAR in
another, completely breaking the isolation between LPARs. The mainframe
just shutdown presumably to prevent other abuse to happen, and in modern
terms this could be classified as locally executed DOS attack.
A B-level mandatory-access control OS is specified to prevent that. It can be done by 3rd party software if, of course, you are able to front-end the system calls (SVCs in their terminology). We did have source licenses for our implementation on HP/UX and Solaris but it was not strictly necessary.
......
As long as OS promotes and considers perfectly normal to run arbitrary
software obtained from $DEITY knows where - such OS cannot provide any
kind of meaningful security, user data being considered.
It's counter-intuitive I know, but your statement is provably false with the right security model. Google the Bell-LaPadula model. Equally valid in what we consider a normal computing environment and even in multi-user unix/Linux environments.