In a recent note, Walt Farrell said: > Date: Wed, 19 Oct 2005 08:57:06 -0400 > > > Does the TSO security model, such as it is, preclude wider use > > of modal commands or the development of modal commands by users? > > I see no relationship between modality and security, so I would have to > say no, it doesn't. > > If you see some relationship that I don't, please explain further. > Perhaps you're considering something to be "security" that I don't. > I was trying to imagine how support for modal applications could be implemented in a modular and extensible fashion, so that a programmer might even be able to code his own modal applications with no specific modifications to the TMP.
Suppose the modal application were ATTACHEd (or spawn()ed) and control were returned to the TMP without doint a WAIT (or waitpid), but leaving a communication channel open between the application and the TMP; perhaps ECB semaphores, POSIX pipes, or sockets. (I suspect the implementation of the modal EDIT is somewhat like this.) Further line input from the TMP, CLIST, or EXEC would be passed to the modal application, which would return messages and status. This interaction would continue until the TMP passed the application an END command and the application returned a status indicating it exited. But I understand, however poorly, that part of TSO security depends on preventing concurrency, so a task/process left in background can't meddle with storage of a possibly authorized command. Permitting the concurrency I envision above might compromise this protocol. As an experiment, I wrote an EXEC which does a SYSCALL spawn and exits without waitpid() for the child. With _BPX_SHAREAS = NO, it returns normally and leaves the child running in the background until it terminates. With _BPX_SHAREAS = YES, it ABENDs with SA03. So I can leave a concurrent process in a different address space, but not in the same address space where it might meddle with working storage of subsequent commands. I suspect this is routine operation of Classic MVS; not code added specifically to protect the TMP from spawn(). I don't know EDIT or IPCS enough to try an experiment to see whether the flavor of "address TSO" peculiar to Rexx programs started from z/OS Unix shell plays well with those commands. (Too bad WJS doesn't follow this list; he'd likely know.) Is execution of the modal EDIT from ISPF 6 fully supported? -- gil -- StorageTek INFORMATION made POWERFUL ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
