Yeah, "yes" would have been an adequate answer. GIYF or RTFM could also be justified.
Charles -----Original Message----- From: IBM Mainframe Assembler List [mailto:[email protected]] On Behalf Of Steve Smith Sent: Monday, May 7, 2018 7:01 AM To: [email protected] Subject: Re: Relinking a module with AC(1) MY 1st paragraph was a jab at the poster (and all the others) who expect the IBM-MAIN community to do their research, or teach them their job, when they evidently can't be bothered to explain their problem, much less what they've tried so far. I wasn't disputing your answers. My "yes" was only to the literal question ("does anyone have..."). The rest is information that is well-known, certainly to you two. In any case, I am not advocating setting AC(1) unless required; only that AC(1) itself is a weak control. I would think that code not vetted for authorized access should be kept out of authorized libraries. sas On Mon, May 7, 2018 at 8:19 AM, Charles Mills <[email protected]> wrote: > I respectfully disagree. Perhaps @Peter Relson has already said this > better than I will, but it is hard to see the question in isolation. Yes, > what you say is true: AC(1) by itself does little; it is neither necessary > nor sufficient for running authorized. But I might assume that the OP > already knows how (neglecting any permissions issue) to link into an APF > library, and the question should be interpreted as "how do I get a program > to start running authorized?" > > I stand by my answer. > > Charles > > > -----Original Message----- > From: IBM Mainframe Assembler List [mailto:[email protected]] > On Behalf Of Steve Smith > Sent: Sunday, May 6, 2018 5:52 PM > To: [email protected] > Subject: Re: Relinking a module with AC(1) > > Heh. Not so; answering the question asked requires only a simple "yes". > And deserves little more. > > Re the rest: AC(1) does far less that you and others imply. It's merely a > signal the program wants to be authorized. The key is access to > APF-authorized datasets. And if people who don't know what they're doing > have access to those, well then, that system has some integrity issues. > > sas > > On Sun, May 6, 2018 at 11:32 AM, Charles Mills <[email protected]> wrote: > > > I apologize. I answered the question that was asked rather than the > > question I should have answered. The correct answer is DON'T DO IT! > > > > ... > > > -- sas
