On 12 Dec 2013 04:40:14 -0800, in bit.listserv.ibm-main you wrote: >>It also looks like ziip and zaap usage >>may introduce security exposures > >Usage of a zAAP or zIIP processor cannot conceivably introduce security >exposures. > >Changing code that was written unauthorized now to run in an authorized >environment can. Such a change is not limited to conforming to zIIP >requirements.
If the only code that is aimed for zAAP or zIIP is code that would have run authorized anyway, then no additional exposure is caused by their use. My reading (probably very faulty) of some of the posts here was that code that would normally run unauthorized is being moved to run in special enclaves which can only run under an SRB. It might be helpful to have a good explanation of the type of code that is involved. In regard to COBOL, I believe have seen things that say that XML services used by COBOL can run on a zAAP so the question comes as to whether these services would have to run authorized anyway. Clark Morris > >Peter Relson >z/OS Core Technology Design > >---------------------------------------------------------------------- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
