On 12/11/2011 8:12 AM, Peter Relson wrote:
Do you think applications have a need for using SAC?
They sure do if they use data spaces. (Even ignoring the fact that
"applications" does not equate to "unauthorized")
As to where to "draw the line", draw it where it makes sense. If the
operating system lets an unauthorized program do something, then why
restrict that unauthorized program further unless necessary?
Ah, that references something that Ed Jaffe alluded to also. For
some reason I had thought that 'semi-privileged' was mostly the
same as 'privileged': some mechanism has to be set up to allow
non-authorized programs to use such instructions. And this
setting up was done by the control program. And I further
thought (and this was my reach too far, apparently) that z/OS
was very stingy in what it allowed for applications programs.
Goaded a bit by your post, I went back to the Pops and re-read the
Program Execution chapter (Chapter 5).
So now I see I should do some more research. But where is it
documented which semi-privileged instructions are available
to problem state programs under z/OS (that is, to echo back
your phrase, how would I know which semi-priviliged instructions
'the operating system lets an unauthorized program do' if the
operating system is z/OS)?
A USER SVC is supposed to have the ability to issue
any ABEND where the YY is it's ID and X is 0-E (FXX being reserved
for the SVC YY not defined ABEND)?
I don't think this has ever been true for "X = 0". (I don't have any
comment on how the xFB and xFC completion codes got in there, although I
wouldn't be surprised if some of the xFC ones pre-dated user SVCs)
Peter Relson
z/OS Core Technology Design
--
Kind regards,
-Steve Comstock
The Trainer's Friend, Inc.
303-355-2752
http://www.trainersfriend.com
* To get a good Return on your Investment, first make an investment!
+ Training your people is an excellent investment
* Try our tool for calculating your Return On Investment
for training dollars at
http://www.trainersfriend.com/ROI/roi.html
