In <[EMAIL PROTECTED]>, on 06/21/2007
at 11:02 PM, "R.S." <[EMAIL PROTECTED]> said:
> From time to time I read on the list about companies which demand
>ISVs to provide source code for SVC routines to analyze it from
>security point of view.
>While I don't know to much about z/OS 'guts', I'm wondering what is
>the reason for that?
Because there's a higher risk from them.
>Last, but not least - neither SVC, nor 'regular' APF-authorized
>program can do anything illegal when not instructed, so unless ISV
>folks unlimited access to prod system it is like dangerous knife in
>my safe.
Only if the safe is unlocked.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO position; see <http://patriot.net/~shmuel/resume/brief.html>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
