zAAP runs unauthorized. Only IBM has access to placing workload onto these processors.
Vendors can run on zIIP. IBM doesn't want customer code on zIIP so IBM arbitrarily decided to require running as a special SRB that only authorized vendors have been told how to access it. Because customers want to save money, some software may run authorized that might not have been authorized in the past. IBM decided on this method because rarely will customers risk running their own programs in an authorized environment. Jon Perryman. >________________________________ > From: Clark Morris <[email protected]> > > >Subject line says it all. My understanding of most discussions here >is that the answer is yes. Then the second question is whether this >is logically code that would have run authorized anyway? > >Clark Morris >>In <[email protected]>, on 12/12/2013 >> at 02:47 PM, Clark Morris <[email protected]> said: >> >>>If the only code that is aimed for zAAP or zIIP is code that would >>>have run authorized anyway, then no additional exposure is caused >>>by their use. >> >>That would be true if there were never any programming errors. Errors >>in code running key 0 and supervisor are more likely to cause serious >>problems than errors in AC(1) code running key 8 and problem. >> >>>In regard to COBOL, I believe have seen things that say that XML >>>services used by COBOL can run on a zAAP so the question comes as >>>to whether these services would have to run authorized anyway. >> >>My reading is that unauthorized code does a PC to invoke the service. > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
