First off, yes, AC(1) and an authorized library and being the jobstep program = APF authorized. A useful and mainstream tool, but better to avoid if it makes sense to do so.
> it would help if a set of MVS OS services were developed that could > "handshake" together two (or more) specific, not random, unauthorized Ass I would say I agree, and quite possibly that OS service is named UNIX Pipes. I have never used them, but IIRC it lets one program define a wormhole with a name, and if another possibly unauthorized program knows that name, it can put stuff in the wormhole and it comes out the other end. QED Don't fear the UNIX! I am an old MVS guy; I go back to OS/360. UNIX is not some mysterious, strange "other" operating system that somehow runs next to MVS; UINIX is the name for an additional bunch of APIs into operating system services. As I say, I have never used named pipes, but I have used other UNIX services from within very conventional, run with JCL out of a load library, old school programs. I found the UNIX services to be very welcoming to an old MVS guy. Go for it! Charles On Sun, 8 Dec 2024 22:44:13 +0000, Richard Zierdt <[email protected]> wrote: >Thank you, Peter. Others have also responded - thank you - suggesting Unix >Pipes and TCP/IP. Those environments being new to me, I will try to solve my >problem using only MVS for now, but if not, then Unix, here I come. > >I believe the only way to run authorized is to link (Bind) AC(1), which I'm >trying to avoid. > >I may be overly sensitive here, but I am not trying to get around security. I >am, however, trying to understand how two unauthorized address spaces using >XM POST between them, apparently not allowed, would pose a security risk if >they could. > >OK � I'll take a shot at answering my own question, based on a comment by >Charles Mills: "random" address spaces. If unauthorized XM POSTs were allowed >without restriction, then one AS could "POST" to any other AS, possibly >interrupting a program or destroying data. Yeah, that'd be bad. But then it >would help if a set of MVS OS services were developed that could "handshake" >together two (or more) specific, not random, unauthorized ASs so they could >communicate between themselves. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
