On Wed, 24 Jul 2013 07:59:47 -0700, Ed Jaffe wrote:
>
>Originally, SMP/E required authorization only because IEBCOPY required
>it. ... It's entirely possible that additional features were
>added to SMP/E over the years that work only because it's APF
>authorized. If so, those features will need to be identified and
>additional development will be required to find a way to provide similar
>function from unauthorized SMP/E.
>
S99WTDSN is a case in point. Can be suppressed with NOWAIT in
DDDEFs.
>Clearly, someone at IBM needs to work on this. SMP/E should go back to
>being a utility that anyone can use--just just a privileged few.
>
I agree wholeheartedly. Can a business case be presented to IBM?
Of course, one can force SMP/E to run unauthorized simply by
adding an unauthorized STEPLIB or by ATTACHing it from an
unauthorized program. A mildest form of the putative requirement
might be to waive the RACF requirement when SMP/E is running
unauthorized.
(If SMP/E nonetheless threatens system integrity when it runs
unauthorized, the z/OS Statement of Integrity is violated.
http://www-03.ibm.com/systems/z/os/zos/features/racf/zos_integrity_statement.html
)
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
