On 3/1/2006 2:18 PM, Leonard Woren wrote:
On Wed, Mar 01, 2006 at 01:04:31PM -0500, Walt Farrell ([EMAIL PROTECTED])
wrote:
...snipped...
Let's distinguish between "huge number of affected programs" and
"huge amount of code that would need to be rewritten."
OK.
A subset of the affected IBM code I can think of off the top of my head
includes JCL processing, allocation, JES, DFDSS, catalog management,
TSO/E, and RACF. And the modifications may be non-trivial in some cases.
No, the changes are all trivial.
Sorry, but no. The changes, at least in RACF, are far from trivial, and
use of a single system routine to validate the format of a name is not
even close to sufficient for our needs. We actually need to look at the
names, and do things with them, and that involves knowing what they can
look like.
Perhaps you're right that it would help in some of the other cases,
possibly even a large subset of them. But there will still be
significant work needed in some critical programs.
Walt Farrell, CISSP
z/OS Security Design, IBM
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
