> Please don't anyone believe this overly simplistic statement from 
> IBM whose legal staff apparently didn't get to proofread it. 
> Certainly do not bet your critical data on this statement.
> 
> Writing an EOF record at the beginning of a newly allocated 
> sequential data set will only prevent data integrity if all attempts
> to read the data can be guaranteed to use QSAM with unsophisticated 
> logic that makes the program stop trying to read the data once the 
> EOF has been read.  It is quite easy to build an unauthorized 
> program that can read beyond the EOF record.
> 
> The ONLY way to guarantee that no one can read data written 
> previously is to erase the data before freeing its allocated tracks.
> Just because the file is allocated as sequential does not mean that 
> it is impossible to read it with any access method other than QSAM.
> 
> Writing an EOF at the beginning of a newly allocated data set is 
> akin to zeroing out the first byte in newly allocated storage that 
> has been previously used, then freed without ever being zeroed out, 
> and assuming that the program that just allocated the storage will 
> not try to read beyond that first byte.
> 
> I am flabbergasted that IBM has published such an incorrect statement.
> 
> Bill Fairchild
> Rocket Software
> 
> -----Original Message-----
> From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On
> Behalf Of Starr, Alan
> Sent: Friday, October 15, 2010 2:41 PM
> To: IBM-MAIN@bama.ua.edu
> Subject: Null versus empty datasets
> 
> http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dgt2i650/8.1
> 
> which states "For sequential data sets, SMS writes a hardware EOF at
> the beginning of the data set at initial allocation. This prevents 
> data integrity problems when applications try to read the data 
> before data is written in the data set."

  The statement is referring to "data integrity" from the 
point of view of the program seeing what it expects to see
(that is, when using ordinary access methods, the newly allocated
data set appears to be empty).  It is not attempting to make
any statement about "data security", which, as you are describing,
is something completely different. 


Jim Mulder   z/OS System Test   IBM Corp.  Poughkeepsie,  NY

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html

Reply via email to