On 06/18/10 08:52, Tony Harminc wrote:
On 18 June 2010 09:36, Binyamin Dissen wrote:

:>Does LINK as opposed to ATTACH make a difference?  Can a nonauthorized
:>program LINK to an authorized program and have that program run
:>authorized?  Can even XCTL do this?

No, and no.


Well, no, no, and sort-of. Sort-of in the sense that although XCTL
can't do it, execmvs() can, with semantics a lot like those of XCTL.


The deficiency in execmvs() is that it discards the caller's DD
allocations.  Being unfamiliar with the internals, I can easily
say, this is very stupid.  Someone familiar with the internals
might argue it's impossible to do it any other way.  Yet the
initiator (an authorized program) can ATTACH the program
named in the PGM= option (whether authorized or unauthorized)
without discarding the allocations. Why can't execmvs(), at
least optionally, do likewise, duplicating the logic in the
initiator between ALLOCATE and ATTACH?  Perhaps it
could even reuse the initiator's code.

A second choice would be that execmvs() honor the specifications
in the TSOALLOC environment variable.

Of course, one could write some glue code that would perform the
allocations in TSOALLOC, then ATTACH a target program.
But that glue would need to be installed in an APF authorized
library, merely regressing the problem one level.

-- gil
