On Thu, Apr 22, 2010 at 1:19 PM, Sam Siegel <s...@pscsi.net> wrote: > On Thu, Apr 22, 2010 at 6:42 PM, Walt Farrell <wfarr...@us.ibm.com> wrote: > > > On Thu, 22 Apr 2010 15:07:52 +0100, Sam Siegel <s...@pscsi.net> wrote: > > > > > >I'm trying to write some authorized code that has a requirement to > invoke > > >unauthorized user exits. > > > > First, why do they have to be unauthorized? Your life is a lot simpler > if > > you require that they come from an APF-authorized library and make the > > customer responsible for ensuring only valid code goes into those > > libraries. > > > > The requirements exists because I'm trying to write something that will be > Ziip enabled and leased as a product. > > Prior to passing the buffer to a work queue for the SRB, there is the > possibility that the user (which can be a normal programmer) will need to > modify the data in the buffer or provide additional data once the data > source has been drained. > > I don't want the to impose a requirement of authorized code for the exit as > most shop will not allow application programmers to put code in an > authorized library. > > Having systems staff write the code creates a bottleneck on the application > rate of change. > > > > > > Second, do you really mean user exits (that is, load modules whose names > > and > > locations the end-users supply) or installation exits (that is, load > > modules > > whose names and locations the system programmers supply)? > > > > Yes I really mean user-exits and not installation exits.
I really don't want to be rude about this so please be tolerant of my apparent insensitivity. Your questions indicate a basic lack of understanding of the intricacies of this kind of software. Without understanding all of the nuances it is almost impossible to avoid wandering into dangerous territory and putting your customers at significant availability and integrity risk. Writing an SRB-mode application that runs reliably all the time is hard enough on its own. Writing a mixed mode application that (safely) provides access for non-privileged callers is really hard and there's just no pretending otherwise. Walt's advice here and in the other ADRNAPF thread is exactly right. Borrowing an old saying about the price of a Rolls-Royce... if you have to ask, you can't afford it. In all honesty I would strongly recommend walking away from this idea. -- This email might be from the artist formerly known as CC (or not) You be the judge. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
