True, I have never understood that either, gil. It might more to do with executing the program in the appropriate TCB than a security exposure.
Leo -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Paul Gilmartin Sent: Tuesday, March 04, 2014 10:25 AM To: [email protected] Subject: Re: ISPF storage protection On Tue, 4 Mar 2014 08:54:43 -0500, Shmuel Metz (Seymour J.) wrote: >In <[email protected]>, on >03/03/2014 > at 06:14 PM, Paul Gilmartin <[email protected]> said: > >>I have no idea why APF authorized library and link edit with AC=1 >>alone don't suffice. > >Because it would be a major security breach. > That doesn't tell me much. Why? How? Would it be any less a security breach to invoke such a program from JCL with "EXEC PGM=..." which likewise causes it to run in the authorized state? -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
