On Sat, 30 Mar 2013 09:15:31 -0400, Peter Relson wrote: > >PARMDD does not use the traditional CALL/EXEC/ATTACH/XCTL interface. I > ??? >thought that had been made clear. The use of PARMDD requires no change >to programs that can handle any length in the 0-32760 range other than the >new binder attribute for AC=1 programs from APF-authorized libraries. > You seem to be contradicting yourself here. Or is there a (new?) way for the initiator to run programs other than "the traditional CALL/EXEC/ATTACH/XCTL interface", but transparent to the program which is run?
I could imagine that the initiator ATTACHes an intermediary which performs PARMDD processing then XCTLs the PGM= program after verifying the AC and LONGPARM attributes. I could also imagine an internals geek's inspecting control blocks and discovering that his program was not directly ATTACHed by the initiator. Such a person might care; I wouldn't. >It is true that if the use of PARMDD resulted in passing a halfword length >of 0 there would be no "threat" but there also would be no chance of >things "working" without code changes in the target module. That would >greatly inhibit exploitation. Thanks, gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
