On Thu, 22 Apr 2010 15:07:52 +0100, Sam Siegel <[email protected]> wrote: > >I'm trying to write some authorized code that has a requirement to invoke >unauthorized user exits.
First, why do they have to be unauthorized? Your life is a lot simpler if you require that they come from an APF-authorized library and make the customer responsible for ensuring only valid code goes into those libraries. Second, do you really mean user exits (that is, load modules whose names and locations the end-users supply) or installation exits (that is, load modules whose names and locations the system programmers supply)? The concerns are different, in my opinion, for user- vs installation-exits. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
