On Thu, 25 May 2017 14:24:05 -0500, John McKown <john.archie.mck...@gmail.com> wrote:
>Well, from what I vaguely gather, this entire thread started off with the >question of "how does an APF authorized program run a non-APF authorized >program from a library not on the APF list?". Apparently the OP was trying >this and got a S306-C. Or maybe he just want something like the TSO TMP >does to "safely" (FSVO safely) invoke a program as a subroutine without APF >authorization. > >My solution for the above was to architect do a fork() to create a new >,non-APF authorized, address space. The child would be running the same >program at the same point in the 2nd address space (and with a different >PID). And if I'm reading the documentation correctly, the new address space >is _NOT_ running APF authorized. So the program, in the child, would set >things up to invoke the desired program. That background is why I was >thinking LINK instead of execmvs(). Also LINK does not replace the process >image, so the copy of parent's key 8 storage is still accessible. If the >child needs to update the parent's memory, then said memory needs to be set >up as "shared" in both processes (address spaces). If an APF-authorized task does a fork() then the child should also end up running APF-authorized. It is basically an exact copy of the parent except for the DD allocations (and loss of other TCBs). The exec() or execmvs() that one expects the child to do next is what will take care of removing APF-authorization during the cleanup prior to running the program that replaces the previous process. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
