On 7 July 2014 09:33, John McKown <[email protected]> wrote: > I really wish that I knew exactly what Michael hopes to accomplish.
I think we -- that is those of us still following to this point -- all do. > As best as I recall, it was that he had an APF authorized TSO command, > which was properly authorized. And he wanted to do invoke a "PROFILE > NOWTPMSG". Which failed because the PROFILE command is not in the > TSOAUTH command list. It is trivial to invoke a TSO command directly via LINK or ATTACH. This was once documented, but now the closest there is is the doc on how to write a subcommand. But the linkage and rules are the same, so invoking a (major) TSO command is straightforward. Of course this would lead to PROFILE running in an authorized state. It is unrealistic to imagine that IBM has included malfeasant behaviour in PROFILE, so one is left only to worry about some way that bugs in PROFILE could be exploited by the invoker of Michael's (doubtless correctly designed and debugged) authorized command. > And there is not equivalent API to affect the WTPMSG setting. As someone else pointed out, the entire UPT is classified as a Programming Interface, and there's just one bit (UPTWTP) to twiddle, so that would be a very easy approach. > IMO, FWIW, is that if the user has PROFILE WTPMSG on, then my program should > not turn it off. And vice versa. This is surely the heart of the matter. For what message(s) does Michael want to ignore/override the user's chosen handling, and why? Somehow I am reminded of a comment (http://ansuz.sooke.bc.ca/entry/243) on Microsoft's recommendations on how software should communicate with users: "Use the second person (you, your) to tell users what to do." "Here's one of my own: Don't tell users what to do." Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
