On Wed, 5 Mar 2014 15:32:03 +0000, Rob Scott wrote: >Please use google and search the IBM-Main archives for JSCBAUTH for *many* >discussions about why you should not be flipping it on and off. > >Apart from the fact that it is difficult to secure any facility that elevates >the authority of the caller, there is also the multi-tasking aspect to >consider. > In my view, simply, no facility should *ever* elevate the authority of its caller.
Discussions such as this reinforce my belief in the utter folly of allowing privileged and unprivileged code to operate in the same address space. It's complex; Byzantine, and disproportionately difficult to secure. I think z/OS UNIX got it right. (AFAIK.) -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
