Re: Anti-virus for i5OS -- MIDRANGE-L

Patrick Botz wrote:

Joe,

You made a sweeping statement about something that cannot be done on i5/OS
(i.e. copy a file to IFS and have it cause the system to arbitrarily
execute native i5/OS code).

Oh pshaw. You took it out of context and then you invoked one of the biggest security holes in recent System i times: PHP.

I showed you one way to do that. And rather
than correct your statement to something a little more accurate, you claim
your statement is still true because YOU don't happen to run PHP on your
machine? Your statement didn't say it can't happen on my machine, it said
it can't happen on system i.

FUD. I can't stop you from screwing with someone's machine if they don't use common sense. But I guarantee that you, Patrick Botz, cannot run arbitrary code on my machine. I guarantee it.

Now, the reason I'm so sure of myself is primarily because I don't enable security holes like PHP and PASE. You can argue nits about how I *must* run PASE, but I'm not going to go there. Anybody reading knows what I mean.

Anyway, here's the deal: my machine is a public web server, running Java servlets. Please, break in. I'm like the Lifelock guy who publishes his social security number. If you can, I'll proclaim the System i to be unsecure. Until then I stand by my statement: it doesn't take a security expert to secure the System i.

Joe

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.