IBM Mainframe Discussion List <[email protected]> wrote on 06/28/2006 10:53:24 AM:
> Has IBM any intention of prohibiting obtaining KEY 8 CSA storage in > some future release? This would provide any of: > > o Great motivation for ISVs to clean up their acts. Fixing this > shouldn't be comparable to Rocket Science, should it? > > o Great deterrent for customers' upgrading. > > o Great opportunity for YA ISV to market a patch disabling an > integrity feature. When you see a z/OS 1.8 MVS Initialization and Tuning Reference, under the DIAGxx parmlib member, it will say: VSM ALLOWUSERKEYCSA(YES|NO) NO prevents user key CSA from being allocated by failing any attempt to obtain user key from a CSA subpool (via GETMAIN or STORAGE OBTAIN) with a B04-5C, B0A-5C, or B78-5C abend. The default is YES, but IBM recommends that you specify NO to prevent user key CSA from being obtained. User key CSA creates a security risk because any unauthorized program can modify it. IBM plans to change the default to NO in a future release of z/OS. Jim Mulder z/OS System Test IBM Corp. Poughkeepsie, NY ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
