Clark, Thank you , I have never heard of the Cobol SRB and zIIP
Scott ford www.identityforge.com from my IPAD 'Infinite wisdom through infinite means' > On Dec 12, 2013, at 1:47 PM, Clark Morris <cfmpub...@ns.sympatico.ca> wrote: > > On 12 Dec 2013 04:40:14 -0800, in bit.listserv.ibm-main you wrote: > >>> It also looks like ziip and zaap usage >>> may introduce security exposures >> >> Usage of a zAAP or zIIP processor cannot conceivably introduce security >> exposures. >> >> Changing code that was written unauthorized now to run in an authorized >> environment can. Such a change is not limited to conforming to zIIP >> requirements. > > If the only code that is aimed for zAAP or zIIP is code that would > have run authorized anyway, then no additional exposure is caused by > their use. My reading (probably very faulty) of some of the posts > here was that code that would normally run unauthorized is being moved > to run in special enclaves which can only run under an SRB. It might > be helpful to have a good explanation of the type of code that is > involved. > > In regard to COBOL, I believe have seen things that say that XML > services used by COBOL can run on a zAAP so the question comes as to > whether these services would have to run authorized anyway. > > Clark Morris >> >> Peter Relson >> z/OS Core Technology Design >> >> ---------------------------------------------------------------------- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
