On Fri, 6 Jul 2018 07:31:51 -0700, Charles Mills wrote: >Let me put on my security preacher hat for a moment. > >Yes, what Eileen says is a fact: there is no z/OS "enforcement" of RENT unless >the program is from an APF library. You can easily get surprised by "where did >that S0C4 come from?" > There's also REFRPROT nowadays. But that should have never been needed as an option; it should have been the universal behaior ab ovo. How much extra would it have cost to load user programs as well as system programs into write-protected storage?
>But that is not the big issue. > >If you are getting "surprised" by "oh gosh, look at that, it's getting loaded >from an APF library" then you do not have proper controls over what is >probably THE most critical aspect of mainframe integrity, ... -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
