Theory says yes, but both the program leaving data around and the program looking for it would have to be authorized and almost working in conjunction with each other. Restricted sub-pools and assigning gotten storage to a TCB above the job step TCB are both authorized functions.
Watching what is authorized is where you should be expending your efforts. Also, how many system's programmers have a homegrown SVC to set and reset a task as authorized? This used to be common. I don't know if it still is. The far larger risk is in backup data. How many 'lost' tapes have you had? Most of the security problems I have read about in the last year have been either stolen PC's or lost tapes. I am not a CICS expert, so memory in that environment is an open question to me, but I imagine you have some controls over what transactions are put in a CICS environment. Batch job memory, for the most part, should not be a problem. Any authorized program is a risk. Once a program is authorized, all controls are off and anything is possible. Chris Blaicher - personal opinions only ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
