On Thu, Apr 22, 2010 at 6:42 PM, Walt Farrell <[email protected]> wrote:
> On Thu, 22 Apr 2010 15:07:52 +0100, Sam Siegel <[email protected]> wrote: > > > >I'm trying to write some authorized code that has a requirement to invoke > >unauthorized user exits. > > First, why do they have to be unauthorized? Your life is a lot simpler if > you require that they come from an APF-authorized library and make the > customer responsible for ensuring only valid code goes into those > libraries. > The requirements exists because I'm trying to write something that will be Ziip enabled and leased as a product. Prior to passing the buffer to a work queue for the SRB, there is the possibility that the user (which can be a normal programmer) will need to modify the data in the buffer or provide additional data once the data source has been drained. I don't want the to impose a requirement of authorized code for the exit as most shop will not allow application programmers to put code in an authorized library. Having systems staff write the code creates a bottleneck on the application rate of change. > > Second, do you really mean user exits (that is, load modules whose names > and > locations the end-users supply) or installation exits (that is, load > modules > whose names and locations the system programmers supply)? > Yes I really mean user-exits and not installation exits. > > The concerns are different, in my opinion, for user- vs installation-exits. > > -- > Walt Farrell, CISSP > IBM STSM, z/OS Security Design > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
