In <[email protected]>, on
03/04/2014
at 03:51 PM, Leonardo Vaz <[email protected]> said:
>Would it be any less a security breach to invoke such a
>program from JCL with "EXEC PGM=..." which likewise causes it to run
>in the authorized state?
Yes. What makes it a security breach is allowing an unauthorized
program to invoke it authorized in an uncontrolled manner. IBM has
written voluminously about this issue.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO position; see <http://patriot.net/~shmuel/resume/brief.html>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
