From z/OS 1.13 version of "MVS Programming: Authorized Assembler Services Guide" Chapter 21: Protecting the System" about page 433, there is a "Note" in "APF-authorized libraries": "Notes: 1. If a JCL DD statement concatenates an authorized library in any order with an unauthorized library, the entire set of concatenated libraries is treated as unauthorized."
And guess what, in "z/OS V2R2.0 MVS Authorized Assembler Services Guide" same chapter, same section, but page 455, it has the same note. So "No" in STEPLIB, you CANNOT mix APF Authorized and Unauthorized libraries, LINKLST, on the other hand, you can mix it up. Al Nims Systems Admin/Programmer 3 UFIT University of Florida (352) 273-1298 -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Paul Gilmartin Sent: Thursday, June 16, 2016 5:08 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Basic CICS Question On Thu, 16 Jun 2016 14:27:28 -0500, John McKown wrote: > >... Most shops any more use the APFTAB value which indicates that a >data set's APF authorization is based on the APF table when a module is >accessed via the link list or a STEPLIB. > Does this mean that STEPLIB may nowadays contain a mixture of unauthorized and APFTAB-authorized catenands, and that loading a program marked AC=1 from one of the authorized catenands will retain authorization notwithstanding the presence of unauthorized catenands? I know a more recent ply has said "No", but you seem to be implying "Yes". And why can't Content Supervision be as intelligent about a mixed authorized/unauthorized STEPLIB as it is about a mixed link list? (I know that if CS were changed to operate that way, programmers would lose the ability to force an otherwise authorized program to execute unauthorized by including it in STEPLIB. This ought to be a tolerable behavioral change.) -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
