In <769b2e18f7b2fa48b3adea85570a28769a560...@mtl-hq-x01.cn.ca>, on 03/04/2014 at 03:51 PM, Leonardo Vaz <leonardo....@cn.ca> said:
>Would it be any less a security breach to invoke such a >program from JCL with "EXEC PGM=..." which likewise causes it to run >in the authorized state? Yes. What makes it a security breach is allowing an unauthorized program to invoke it authorized in an uncontrolled manner. IBM has written voluminously about this issue. -- Shmuel (Seymour J.) Metz, SysProg and JOAT ISO position; see <http://patriot.net/~shmuel/resume/brief.html> We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN