In <1362028534344114.wa.paulgboulderaim....@listserv.ua.edu>, on 07/24/2013 at 09:17 PM, Paul Gilmartin <paulgboul...@aim.com> said:
>AMASPZAP is AC=01 (why?) VTOC. >Of course any program that runs AC=1 >assumes the responsibility of performing its own SAF checking. I >believe this is true also for any program linked AC=0 into an APF >authorized library where it may be attached by an AC=1 program. Not quite. An AC(1) program can attach a jbostep with RSAPF=YES; the TMP is an example. In the simpler case, an AC(1) program is responsible for calling only routines known to be trustworthy; it should not be doing a LOAD, LINK or XCTL of random names. A modules intended to be called by an AC(1) routine is responsible for doing appropriate SAF processing if the interface doesn't include doing the checking at a higher level. I'm pretty sure that IBM spells most of that out. -- Shmuel (Seymour J.) Metz, SysProg and JOAT Atid/2 <http://patriot.net/~shmuel> We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN