On Wed, 3 Apr 2013 07:29:11 -0500, Paul Gilmartin <paulgboul...@aim.com> wrote:
>On Wed, 3 Apr 2013 06:47:01 -0500, John Gilmore wrote: > >>Peter's most recent response: >> >><begin extract> >>The 100 character restriction is applied to the following case, only: >>environment is APF; and jobstep program is AC(1); and the program is >>not bound with LONGPARM. >></end extract> >> >>is admirable, unambiguous, and, I think, definitive. >> >It leaves a couple holes. One question in the thread concerned: > >o Jobstep program is AC(1), from an authorized library, so > the environment was authorized. > >o Jobstep program ATTACHEs a subprogram AC(0), from an > authorized library, bound with NOLONGPARM, passing an > argument longer than 100 bytes. > >o Is the 100 character restriction applied? My conjecture is, "No,": > - There's no such restriction under z/OS 1.13 and I doubt that > IBM intends to impose a new restriction in 2.1. > - The passed argument may not be structured with a halfword > count field, so ATTACH has no way of knowing its length. I > surmise the restriction is applied only by the initiator when > ATTACHing the jobstep program. Is this right? Correct. It is the initiator that applies the restriction, just as it is the initiator that reads the "PARMDD" DD statement containing the parameter and passes it to the jobstep program. If an authorized program (running APF-authorized, supervisor state, or system key) were to invoke another program (to also run authorized) and pass a longer parm, without knowing (somehow) that the called program can accept the longer parm, that would be a System Integrity issue with the authorized program, since it cannot predict how the called program will react. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN