Peter ... my apologies .. I used the wrong terminology. May I please contact you offline on this ??.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Peter Relson Sent: Sunday, December 01, 2013 9:47 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Un-authorized caller calling authorized services. >TPROT TPROT can tell you "it is not OK". It almost never can tell you fully "it is OK" because of time-of-check to time-of-use exposures. >In a nutshell, I'm trying to find out what the best way is for an >un-authorized called to call / invoke a SRB. Not only is there no "best way" there is "no way". You cannot "call" or "invoke" an SRB. You can only schedule an SRB. And scheduling an SRB is limited to authorized programs. Thus an unauthorized program would have to "get authorized" (such sa via SVC or PC) in order to schedule an SRB. It is also the case that, if you do allow an unauthorized program to invoke an SVC/PC to schedule an SRB, you might need to provide some throttle to prevent a malicious unauthorized program from doing this "too often". Peter Relson z/OS Core Technology Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
