On Mon, 22 Aug 2022 16:16:06 -0500, Paul Gilmartin <paulgboul...@aol.com> wrote:
>Why is there an AUTHPGM NAMES list at all? Why shouldn't it just be
> * (everything)
>???
>
>I can imagine several reasons: Even some authorized programs might not
>be trusted not to modify the WAITing TSO task (IKJEFTT09?), perhaps by
>ALLOCATE REUS of a file TSO uses. Or by modifying TSO storage. Or
>by monopolizing a scarce resource (such as a tape drive) during programmers'
>think time. BTDT; alas no distinction is made between real tapes and virtual
>tapes which are more likely to be plentiful.
>
>Is the motive one of these, or something similar?

I cannot provide a definitive answer to that, as I was not involved in any of the design for that function. I can, though, guess that they did not want to assume that every APF-authorized program would behave properly when invoked authorized but in an unexpected environment, and therefore chose to restrict them unless IBM or a customer had specifically listed them as "safe".

>
>This feels like something that should be programmer-specific, such as a RACF
>profile allowing Lizette but not me the facility.
>

I don't see a need for saying "program X can run APF-authorized under TSO if Lizette runs it, but not if Paul runs it." That is not a function that exists when you run a program in batch, for example, and if it were to be meaningful in TSO it would also be meaningful in batch. You can control which users can run which programs (PROGRAM control in RACF, though that came later than AUTHPGM), and if an APF-authorized program is doing something that should be restricted further, it can do its own resource checking (as AMASPZAP does when zapping a VTO).

--
Walt

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN