> > That is not the way the Initiator works. The Initiator is not > >APF-authorized. > > > I'll assume Initiator uses an SVC or PC to launch the program with > suitable APF-authority (in a separate address space?) similar to what > fork() and BPX1EXM do. What component performs the allocations, > since those don't cross address spaces? You assumed ... poorly.
The Iniatiator ATTACHes the program in the same address space. The Initiator is not APF-authorized. It runs in supervisor state. > > When you ATTACH an authorized program and pass it a parm that is longer > >than 100 bytes, how do you prevent a buffer overflow security > exposure if the > >authorized program you are ATTACHing copies the parm to a 100 byte buffer > >(which it assumes is a safe thing to do, because the system > documentation stated > >that the maximum PARM= length was 100 bytes)? > > > Moribund horse. The LONGPARM option was provided to control this. > But does ATTACH verify LONGPARM? If not, the calling program should. I'll be the judge of which horses are moribund. LONGPARM checking is done by the system when the Initiator requests it. Uhhh, Clem's program is not the Initiator, and does not do what the Initiator does to request LongParm checking, so no LongParm checking is done for its ATTACHes. Jim Mulder z/OS Diagnosis, Design, Development, Test IBM Corp. Poughkeepsie NY ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
