On Tue, Mar 17, 2015 at 9:43 AM, Binyamin Dissen <bdis...@dissensoftware.com> wrote: > Of course, after this snippet the authorized section cannot trust the contents > of any key8 storage. >
Yes, I can see how that can be true. Of course, I don't know of a _good_ method to ensure memory protection from a "rogue" program which runs in the same address space as a trusted program. That's why z/OS UNIX has the concept of a "dirty address space" and you can get some nasty return codes. That could be considered a plus for doing things like this using UNIX facilities to fork() a child address space to run the untrusted program, and only sharing specific memory pages using UNIX share memory facilities or IAZVSERV. But that then goes back to the problem of the child needing to access DD statements in the parent address space. There are always trade offs. Unless you are willing to go "whole hog" and only use UNIX facilities, including UNIX files instead of DDs. -- If you sent twitter messages while exploring, are you on a textpedition? He's about as useful as a wax frying pan. 10 to the 12th power microphones = 1 Megaphone Maranatha! <>< John McKown ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN