In <listserv%[email protected]>, on 04/02/2010 at 03:20 PM, Paul Gilmartin <[email protected]> said:
>So, now sheer conjecture. ASMA90 may or may not do exhaustive SAF >checking. Why should it feel obliged to? It was designed to run >unauthorized. So a maliciously crafty programmer could code an SMP/E >APPLY step which invokes ASMA90; preallocate SYSPUNCH; and supply PUNCH >statements which overwrite a member in what? SYS1.PARMLIB? No, he gets an S913. AC(1) does not turn on JSCBPASS. >Multiply that by the increasing number of utilities called >by SMP/E which may not do SAF checking Nor am I aware of any need for them to do so. In <listserv%[email protected]>, on 04/02/2010 at 05:04 PM, Paul Gilmartin <[email protected]> said: >OK. Educate me. I had thought that once a program was APF >authorized, it became the responsibility of that program to >issue the SAF calls and respect the replies; if not, the program could do >anything it wanted. Not by magic; the program can only do what it was written to do. You can certainly write an authorized program that bypasses security, but it doesn't happens automatically. If the authorized program doesn't have code to prevent it, then any OPEN will be subject to normal security controls. -- Shmuel (Seymour J.) Metz, SysProg and JOAT ISO position; see <http://patriot.net/~shmuel/resume/brief.html> We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
