history is hard

Stefan Skoglund stefan.skoglund at agj.net
Mon Jun 1 05:12:55 CDT 2020 

sön 2020-05-31 klockan 10:04 -0500 skrev Jon Elson via cctalk:
> On 05/31/2020 02:06 AM, jim stephens via cctalk wrote:
> > 
> > On 5/30/2020 11:15 PM, Eric Smith via cctalk wrote:
> > > On 05/29/2020 02:38 PM, Noel Chiappa via cctalk wrote:
> > > >      <snip>
> > > > Low-level machines did not even have storage protection
> > > > keys, and on the /40 and /50 (I think) it was an option,
> > > > although I'd guess almost any /50 had it installed.
> > Our /50 had it and I have never seen any indication in the 
> > documentation for the hardware that
> > indicated that it was an option.
> > 
> > I don't think that either MVT or MFT would have been very 
> > stable without it.  I certainly spent a lot of time
> > studying how to get around it, and am responsible for a 
> > couple of SPIE patches in the MVT product
> > from exploits trying to get into supervisor mode to muck 
> > with such.
> > 
> Yes, the SPIE call as supplied from IBM was surely the 
> security hole big enough for 5 ocean liners abreast to steam 
> right through! Everybody had to patch that, and the patch 
> was fairly simple.  But, it was a clear indication of how 
> LITTLE IBM thought about security. Of course, they were 
> thinking about banks where 3 teams reviewed code before it 
> ever ran on the machine, not universities where kids would 
> try all sorts of mischief.
> > Yes, I know supervisor state isn't tied to the storage 
> > keys, but that was the way I went to
> > try to circumvent the storage keys.
> Oh, once you have the P bit set to zero, you can do 
> anything, such as changing the storage protection key of 
> your own program.
> 
> Jon

I have a school memory of something like that:
my school had a PRIME 9955 with PRIMOS 19, well that system had a hole
in the handling of serial lines with modems. One municipality employee
was logged in from home/work and went home (basically pulled the plug
on the pc and went home.) My friend dialed in and got into the
employees login session....

I have a memory of the responsible system admin when he speaks with
PRIME in Stockholm, well it wasn't the first time this happened...

More information about the cctech mailing list