On 3/5/2014 7:10 AM, dpewen wrote:
Hello,
I started this thread and I appreciate all the input I received from this list.
I have solved the problem by adding code to my user svc that is part of the
product.
I added two functions to the svc:
1. to turn on the APF-auth bit in the job step TCB
2. to turn off the APF-auth bit in the job step TCB
Turning on JSCBAUTH makes _every TCB in the job step_ authorized! This
is an exposure!
There should be another way to achieve what you want. But, at the very
least you must understand that any time you're going to modify a job
step or address space-level setting, especially one that confers
additional privileges to otherwise non-privileged TCBs, you MUST ensure
that all such TCBs are marked non-dispatchable for the duration of the
enhanced setting. This is what TSO/E does during execution of a program
on the Authorized Leg of the TMP.
--
Edward E Jaffe
Phoenix Software International, Inc
831 Parkview Drive North
El Segundo, CA 90245
http://www.phoenixsoftware.com/
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
