> -----Original Message-----
> From: IBM Mainframe Discussion List On Behalf Of Edward Jaffe
>
> Lou Losee wrote:
> > The thing is integrity APARs do not come from requirements, they come from
> > exposures that violate IBMs integrity statement. So I would think that the
> > reason behind the APAR has to be deeper than just segregating the use of
> > SMPE.
> >
>
> Exactly! The problem is that GIMSMP is APF authorized.
>
> AFAIK, that's true only because IEBCOPY requires APF authorization.
> That's required because IEBCOPY uses I/O appendages. But, trust me, it's
> not doing *anything* that can't also be done without I/O appendages.
>
> IMHO, the "right" fix would have been to "enhance" IEBCOPY to use
> alternate I/O techniques when not running APF authorized. (BTW, that
> would solve numerous other non-SMP/E-related issues at the same time.
> Ever tried to invoke IEBCOPY from a REXX?)
>
> Removing APF authorization from GIMSMP would remove the potential for
> integrity exposure. In that case, these ridiculous new SAF resources for
> SMP/E--which really do nothing to protect the system--would never have
> been created in the first place.
But aspirin is cheaper than angioplasty......
-jc-
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
