On 4 Nov 2013 06:30:46 -0800, in bit.listserv.ibm-main you wrote: >It is worth recalling Mr Perryman's name for this thread, viz., > >Security exposure of zXXP. > >His riposte---It is not responsive---to my last post employs a >rhetorical device that was familiar to the Alexandrian Greeks. > >In answer to my contention that position 1457 and position 1458 in a >Kama Sutra of programming tactics have the same orthopedic risks his >rebuttal was that position 1457 aggravates scoliosis. > >My point---I made it in deliberately bald language---was that the >security 'exposures' associated with the availability of SRBs are not >worse for zIIPs and zAAPs than they are for unspecialized CPs. > >As Shane Ginnane noted in another context, auditors, however limited >their technical grasp, can and do read. I foresee yet another >addition to their standard queries:
Is the code that can be made zIIP and zAAP eligible, code that must run under an SRB anyway? Is there is code that is currently running unauthorized, problem state under a TCB that would be eligible if it were running under an SRB? For those vendors that have done zIIP / zAAP enablement, did this involve move code from being unauthorized under a TCB to authorized under an SRB? Clark Morris > >o Does your z/OS or z/VM installation have > zIIPs, zAAPs, IFLs, . . . installed? > >o If so list the uses that are made of them, > identifying each application and each ISV > involved. > >John Gilmore, Ashland, MA 01721 - USA > >---------------------------------------------------------------------- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
