> -----Original Message----- > From: IBM Mainframe Discussion List > [mailto:[email protected]] On Behalf Of Walt Farrell > Sent: Tuesday, July 24, 2012 12:59 PM > To: [email protected] > Subject: Re: Authorized Rexx Assembler Function > > On Tue, 24 Jul 2012 10:51:33 -0500, McKown, John > <[email protected]> wrote: > > >Also, remember that we are talking about TSO. An archaic > piece of software, which IBM has just seeming lost interest > in. Imagine what could > >be done if the non-APF user code ran in a subspace, like CICS uses. > > Subspaces (as currently architected by the hardware) would > not help if your goal is system integrity, John. Even in CICS > subspace mode only helps protect against -accidental- storage > overlays. > > While you can start some code running in a subspace, nothing > stops it from switching out of subspace mode, at which time > it has full access to the entire address space. > > -- > Walt
I was thinking more of the "accidental" overlay of storage. Granted "malicious" software requires more aggressive protection. I do think that it would be more secure if the TMP used an ASCRE to start a new address space for APF code. Of course, the problem then is the same as with UNIX; the new address space does not share DDs with the original address space. Now, that generates a truly weird thought: a way to have some sort of "shared" TIOT used by multiple address spaces. Or perhaps as pseudo-TIOT which somehow direct data management to run in the "owning" address space. Like a "remote FCT" entry in one CICS causes a connection to a different CICS and "transparently" redirects I/O to the owning CICS. Which triggers a thought based on SYSB, of using a "server" address space to which the "client" address space connects by having a DD allocated with a SUBSYS=. Well, I'm really getting "off the wall" now. -- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * [email protected] * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
