On 15 October 2010 14:03, Joel C. Ewing <jcew...@acm.org> wrote: > On 10/15/2010 09:27 AM, Paul Gilmartin wrote: >> >> On Thu, 14 Oct 2010 19:54:44 -0500, John McKown wrote: >> >>> The SPFCOPY that I remember simply used a "magic" SVC to set the APF on >>> before calling IEBCOPY and back off afterwards. >>> >> I've heard of this. And that the "magic SVC" did extensive checkinf >> of control blocks to verify that it was properly called by ISPF. >> Bot that it was possible, in principle, to fool it. >> >> But why? couldn't it just perform the equivalent of >> >> address TSO 'CALL *(IEBCOPY)' >> >> ... and let TSO handle the integrity? >> >> -- gil > > It used to be the case that since ISPF didn't run authorized that it was > impossible to directly invoke authorized utilities from within ISPF dialogs > - hence the IEBCOPY kludge.
Even stronger - before that it used to be the case that there was no support at all for running APF authorized application programs under TSO. The Terminal Monitor Program itself was not authorized, and so could not invoke anything authorized other than by kludge SVCs and the like. (There were, of course, TSO related *services* that ran authorized, even back in the MVT days, most notably the FIB stuff (SUBMIT/STATUS/CANCEL) and OPER. But none of these involved command processor code running in an authorized state. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
