On Wed, 23 Sep 2009 01:23:26 -0400, Jim Mulder <[email protected]> wrote:
. . . > > There is an extensive discussion of the long PARM >topic in the archives starting on May 12,2005, under >the subjects PARM= and Re: PARM= . > > While this was being investigated, Karl Schmitz decided >to look at some of IBM's APF authorized programs in >SYS1.LINKLIB to see if he could find one which assumed that >the parm length did not exceed 100. My recollection is that >the first one he looked at (selected from a component in which >he had prior expertise, not alphabetically) could behave >incorrectly if the parm length was larger than 100. This is kinda interesting, because there is a way for a non-authorised program to call an authorised one - using the TSO service facility. When you do that, the parameter list is whatever the non-authorised program wants it to be. PARM longer than 100 bytes? Sure! More than one parameter? Easy! Well, there is a catch. Authorised programs can only be called in this way if they are in the AUTHTSF list. The trouble is, the person maintaining the AUTHTSF list probably does not understand exactly what it does, and even if they do understand, they usually have no idea if it is safe for a particular program to be placed in AUTHTSF. Have a look at your own AUTHTSF list. In many cases, you will find IDCAMS listed there (reason - at one time installation documentation for certain vendor products told you to add it). IBM now specifically warns about adding IDCAMS to AUTHTSF (eg OA17383) but it is a fair bet that all sorts of programs could be listed there that will break if passed multiple parameters, or a PARM greater than 100 bytes. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
