The SDSF SVC had some 'integrity checks' that would complicate any spoofing effort, but it was always a bad idea. Good riddance. Woe be to any similar attempt at the quick-and-dirty solution to an APF problem.
. . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW [email protected] -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Dana Mitchell Sent: Thursday, October 18, 2018 8:26 AM To: [email protected] Subject: (External):Re: get ECSA key 7 storage under CICS On Thu, 18 Oct 2018 14:08:33 +0000, Barkow, Eileen <[email protected]> wrote: >In order to call the SVC a programmer would have to know about it first >as well as have a need for it; neither of which applied to any CICS >application programmers. > Someone breaking into your systems would always have a need for something handy like that... ;) Didn't SDSF include something similar a long time ago? back when you used to get source for SDSF. Although IIRC it had a rudimentry check for the eyecatcher of the caller to make sure the caller was 'authorized' to use it. Dana ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
