On Thu, 14 Oct 2010 19:54:44 -0500, John McKown wrote: >The SPFCOPY that I remember simply used a "magic" SVC to set the APF on >before calling IEBCOPY and back off afterwards. > I've heard of this. And that the "magic SVC" did extensive checkinf of control blocks to verify that it was properly called by ISPF. Bot that it was possible, in principle, to fool it.
But why? couldn't it just perform the equivalent of address TSO 'CALL *(IEBCOPY)' ... and let TSO handle the integrity? >Did PDSFAST require APF authorization? > >On Oct 14, 2010 7:23 PM, "Ted MacNEIL" <eamacn...@yahoo.ca> wrote: > >>Also, IIRC, IEBCOPY uses I/O appendages that require authorization, since >they are loaded from SYS1... >Yes. That's true. > Didn't other plies in this thread say that the third-party alternatives don't use archaic appendages, thus don't require AC=1. Is there a third-party IEBCOPY replacement that is runs AC=0 and is interface-compatible? If a programmer specified such a product as the COPY utility for SMP/E, and avoided WAIT in DDDEFs, could he run SMP/E in unauthorized state? Would this avoid the unspecified integrity hazard that mandates bizarre RACF authorization for use of SMP/E? I would hope so; isn't it IBM's integrity statement that any way in which a non-authorized program can threaten system integrity will be fixed at highest priority. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html