Based on my experience in the z/OS System Integrity Competency Center, once JSCBAUTH has been turned off by an authorized application, and unauthorized code has been allowed to run, it is not safe to turn JSCBAUTH back on.
The main issues are the hard to enumerate traps that unauthorized code might set to spring once JSCBAUTH is back on. Some of these traps have been discussed in this and related threads -- modification of key 8 storage, establishment of STIMER routines, and so forth. And yes, both the initiator and the TSO Terminal Monitor Program turn JSCBAUTH on, but as part of the operating system they are able to deploy mechanisms that are not available or practical for other programs. Karl Schmitz IBM z/OS System Integrity Competency Center ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
