>What are the security implications of allowing uninvited snooping? Is this a good way to pick up confidential information if someone understands the application?
I would imagine this is the same as the implications for the "DUMP" z/OS system command. Rob Scott Rocket Software, Inc 275 Grove Street Newton, MA 02466 617-614-2305 [EMAIL PROTECTED] http://www.rs.com/portfolio/mxi_g2 -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Clark Morris Sent: 26 January 2007 08:18 To: [email protected] Subject: Re: Cross Memory and AR ASC Mode On 25 Jan 2007 15:17:44 -0800, in bit.listserv.ibm-main you wrote: >Peter Relson said this a few years back on IBM-MAIN : > >"There is no intended programming interface for obtaining the STOKEN of >a "given" address space. If the owner of that space wants you poking >around in his storage, then it is up to that owner to provide a >mechanism for you to obtain his STOKEN." > >I understand what he is saying here, however there are instances in >vendor code (and IBM-code surely??) where SRBs are scheduled into other >address spaces uninvited. > >If you use SCHEDULE to shoot the SRB and there is something wrong with >the ASCB in SRBASCB or the STOKEN you get an *abend* and now obviously >have to provide recovery around the SCHEDULE to cater for this. >SCHEDULE is also only an async service - so you have some WAIT amd >cross-memory POST logic going on as well. > >IEAMSCHD is a *much* improved service to handle SRBs and provides a >sequence of *return+reason* codes for situations where the STOKEN is >bad (no abend - hooray!). IEAMSCHD also provides the ability to operate >as a synchronous service - so no need to WAIT/POST (hooray again!). > >However, IEAMSCHD only accepts STOKENs as the specification for the >target foreign address space - and this is why I personally find >ASSBSTKN not being GUPI frustrating - but that is probably down to the >fact that the software I write does a lot of uninvited snooping. What are the security implications of allowing uninvited snooping? Is this a good way to pick up confidential information if someone understands the application? How does Omegamon handle this and can the method used be made available assuming the security concerns are met? > >Anyone think it might be worth a SHARE requirement request to ask for >ASSBSTKN to be marked GUPI for all address spaces? > > > >Rob Scott >Rocket Software, Inc >275 Grove Street >Newton, MA 02466 >617-614-2305 >[EMAIL PROTECTED] >http://www.rs.com/portfolio/mxi_g2 > >> rest snipped ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
