I think zAAP are somehow for Java but I'm not sure. I don't know how they restrict their usage. I doubt it is thru an SRB.
zIIP is supposed to run vendor software. Most are APF authorized anyways so the exposure is not any greater. My point was if a customer discovered how to do this, they are discouraged from allowing it because their employee's could easily write programs to access anything they wanted. Jon Perryman. >________________________________ > From: Clark Morris <[email protected]> > > > >>6. zIIP is first restricted by requiring programs run under an SRB. SRB's are >>a big security exposure so customers are unlikely to open them to their >>programmers. > >In the process of saving money are z ZIP and ZAP users introducing a >security exposure? Is the code that runs under the ZIP and ZAP >process code that normally run without any privileges in a problem >state? > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
