It is possible but there are quite a few gotcha's. And these gotcha's could allow an application programmer to crash the system.
Do not wish to appear to be insensitive, but its takes quite a bit of experience to do this correctly. You need a real mentor - hands on - to walk you thru your design and code. As you appear to be writing from a software house, perhaps your colleagues can help. On Thu, 22 Apr 2010 23:49:04 +0100 Sam Siegel <[email protected]> wrote: :>On Thu, Apr 22, 2010 at 11:22 PM, Chris Craddock <[email protected]>wrote: :> :>> On Thu, Apr 22, 2010 at 1:19 PM, Sam Siegel <[email protected]> wrote: :>> :>> > On Thu, Apr 22, 2010 at 6:42 PM, Walt Farrell <[email protected]> :>> wrote: :>> > :>> > > On Thu, 22 Apr 2010 15:07:52 +0100, Sam Siegel <[email protected]> wrote: :>> > > > :>> > > >I'm trying to write some authorized code that has a requirement to :>> > invoke :>> > > >unauthorized user exits. :>> > > :>> > > First, why do they have to be unauthorized? Your life is a lot simpler :>> > if :>> > > you require that they come from an APF-authorized library and make the :>> > > customer responsible for ensuring only valid code goes into those :>> > > libraries. :>> > > :>> > :>> > The requirements exists because I'm trying to write something that will :>> be :>> > Ziip enabled and leased as a product. :>> > :>> > Prior to passing the buffer to a work queue for the SRB, there is the :>> > possibility that the user (which can be a normal programmer) will need to :>> > modify the data in the buffer or provide additional data once the data :>> > source has been drained. :>> > :>> > I don't want the to impose a requirement of authorized code for the exit :>> as :>> > most shop will not allow application programmers to put code in an :>> > authorized library. :>> > :>> > Having systems staff write the code creates a bottleneck on the :>> application :>> > rate of change. :>> > :>> > :>> > > :>> > > Second, do you really mean user exits (that is, load modules whose :>> names :>> > > and :>> > > locations the end-users supply) or installation exits (that is, load :>> > > modules :>> > > whose names and locations the system programmers supply)? :>> > > :>> > :>> > Yes I really mean user-exits and not installation exits. :>> :>> :>> :>> I really don't want to be rude about this so please be tolerant of my :>> apparent insensitivity. Your questions indicate a basic lack of :>> understanding of the intricacies of this kind of software. Without :>> understanding all of the nuances it is almost impossible to avoid wandering :>> into dangerous territory and putting your customers at significant :>> availability and integrity risk. Writing an SRB-mode application that runs :>> reliably all the time is hard enough on its own. Writing a mixed mode :>> application that (safely) provides access for non-privileged callers is :>> really hard and there's just no pretending otherwise. Walt's advice here :>> and :>> in the other ADRNAPF thread is exactly right. Borrowing an old saying about :>> the price of a Rolls-Royce... if you have to ask, you can't afford it. :>> :>> In all honesty I would strongly recommend walking away from this idea. :>> :> :>Chris, :> :>I understand what you are saying and I'm not taking anything personally. :> However, I must ask how is one to learn these things. I'm :>not pretending to be anything or diminishing the complexity. I thought my :>approach was exactly the opposite. Ask for advice from those that know. :> I knew that the questions expose my level of experience when I wrote them. :> :>There must be some way to gain this expertise. :> :>I believe my product idea is usefully and I want to make sure that it is :>also safe. Clearly just writing an authorized only program and not allowing :>a problem state user exit is the preferred way to go. However, if it is :>reasonably possible to provide a problem state user exit, I would like to :>explore it. :> :>I'm trying my best to ensure integrity and still create something :>marketable. :> :>If you and Walt are saying this is impossible outside of IBM or a :>vendor environment like BMC or CA then this is unfortunately. :> :>It would really be great if the people with the experience and scars would :>provide the details required to write this type of application correctly. :> I'm open to suggestions and would very much appreciate them. :> :>Again any advice on how to accomplish this would be greatly appreciated. Or :>a confirmation that this is just not possible regardless of the advice :>provided would also be appreciated. -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
