In <[email protected]>, on
07/14/2011
at 10:07 PM, Paul Gilmartin <[email protected]> said:
>Hmmm. I had believed that I/O appendages required APF-authorization.
No. Standard access methods use appendages. Also, PARMLIB can specify
appendages that an unauthorized program can request in a DCB for EXCP.
>Does this imply that Starting in z/OS V1R13, IEBCOPY no longer uses
>special I/O appendages.
No. It implies that if it uses appendages they do not compromise
integrity.
>I had understood (from gossip; I haven't RTFM) that:
>o If a program executing not APF-authorized LINKs or ATTACHes
> any other program, the called program executes not authorized,
> regardless of its AC attribute or the status of the containing
> library.
True for poblem state problem key.
>o If a program executing APF-authorized LINKs or ATTACHes any
> other program from an authorized library, the called program
> runs authorized, regardless of its AC attribute.
Not true if it specifies RSAPF=YES.
>So what customer requirement would not be satisfied by
>simply linking the new IEBCOPY into an authorized library with AC=0?
AFAIK, it *is* AC=0 in an authorized library.
>o It could be invoked with EXEC PGM=IEBCOPY and simply
> work, as it used to,
It didn't use to work because it didn't use to exist.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO position; see <http://patriot.net/~shmuel/resume/brief.html>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
