On Tue, 15 Apr 2008 19:15:33 -0400 "Craddock, Chris" <[EMAIL PROTECTED]> wrote:
:>Binyamin said :>> :>That's all I've collected so far. Are there more ways? :>> DEBAPFIN :>> SVC screening. :>Pardon? Modifying the APF bit isn't going to do you any good in an :>address space that is already running since AC(1) is only relevant for :>job step tasks. You would have to already be running in key zero to :>alter it after the fact anyway, so chicken meets egg. It will allow you to run programs from an unauthorized library if you are authorized. :>Likewise with SVC screening; That requires building an SVC screening :>table in LSQA and storing the address of the SVC screen table in the :>TCB, so again it would require pre-conditioning by a key zero supervisor :>state program. It allows a specific non-authorized task to issue MODESET without impacting any other task. :>AFAICT the OP wants to know how to run a Rexx exec in an authorized :>state so it can in turn call compiled code that requires authorization. :>Leaving aside the advisability of doing that, if it was going to require :>a serious amount of setup ahead of time, then why not just wrap the :>necessary functions inside of a PC or SVC and be done with it? That is the best approach. -- Binyamin Dissen <[EMAIL PROTECTED]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html