----------------------------------------<snip>---------------------------------------
So (once again) the tech support bods (vendor and customer) are dancing
around on egg-shells trying to accommodate policy decisions made by
sales/marketing/legal droids.
I consider the zIIP zAP thing something that may compromise security
and which causes effort to be made just to save money. The effect may
be to have people look at platform movement if they are going to have
to rewrite/replace software to save money anyway.
Compromise security? How?
My incomplete and possibly erroneous interpretations of past postings
here led me to believe that zIIP and zAP work had to run in SRB mode
and I also recall someone else claiming this was a security exposure.
Despite having been an MVS (but not OS390 or zOS) systems programmer,
my understanding of these issues is incomplete. On the other hand, as
a person who worked for customers, I hate my employers being charged
more to run that portion of my work that it costs less for IBM and
ISVs to support.
Clark Morris
------------------------------------<unsnip>------------------------------------
IIRC, it's not legal, or possible, to executean SVC in SRB mode. So you
can't OPEN or CLOSE a dataset, nor can you do I/O. So I fail to
understand how much of a "security risk" can exist here.
Rick
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
