Aside from that, Mrs. Lincoln, how was the play? Any competent auditor who saw that would slap you down.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Barkow, Eileen <[email protected]> Sent: Thursday, October 18, 2018 9:55 AM To: [email protected] Subject: Re: get ECSA key 7 storage under CICS The SVC code just sets the JSCBAUTH bit on for a few nanoseconds while the user code runs and then sets if off in response to another SVC call to do so. I do not run it any more but it really came in handy and did not cause any problems. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Jousma, David Sent: Thursday, October 18, 2018 9:50 AM To: [email protected] Subject: Re: get ECSA key 7 storage under CICS Eileen, that code sounds suspiciously like a huge security vulnerability? Am I missing something? -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Barkow, Eileen Sent: Thursday, October 18, 2018 9:46 AM To: [email protected] Subject: Re: get ECSA key 7 storage under CICS **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** I actually have run a few CICS programs in supervisor state using an old SVC routine that LRS used to provide - You just pass it the address of the code to run and it sets the JSCBAUTH bit on so that the code runs in supervisor state/key 0. I needed this in order to issue MVS commands directly from CICS, like VTAM commands to vary devices INACT and START commands for various things. I still have the SVC code if anyone wants it. The problem with CICS has always been that it sets the JSCBAUTH bit off after initialization so that APF authorized programs cannot run. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Binyamin Dissen Sent: Thursday, October 18, 2018 7:13 AM To: [email protected] Subject: Re: get ECSA key 7 storage under CICS You need to be supervisor state to do this. Using CICS just because it is easier is a wrong decision. But if you are sold on using CICS, you would need to write a SVC routine to actually do the work and have your transaction supply a CICS area as a buffer and the SVC routine will do the IFI work and return the record. On Thu, 18 Oct 2018 05:08:36 -0500 Wang Rong <[email protected]> wrote: :>Hi Binyamin, :> :> Many thanks to your quick replay. :> I'm trying to capture/send DB2 log record using IFI call. The storage requirement is ECSA key 7 storage: "The return area for monitor programs that issue IFCID 0306 requests must reside either in ECSA key 7 storage or in the 64-bit common key 7 storage area above the 2-GB bar" (from IBM book). :> I prefer to use CICS because it's easy programming. :> :> -- Binyamin Dissen <[email protected]> http://secure-web.cisco.com/17INyMZEastU6hSb1nPkrFO5WKlQKoQHh5RHA_eDpmC-JKHpqfo1pdcQPx1lBFWY38oUG_MSezBJo_ZGBYAyFRO_IKqfP4IRZS1d6FIJi_Y0-kWSOvyAypury2i0w2Wf8xkdf0yB04OErkistjxhfn3UKwgZhh0y3ky-8dwwqwC_1ZtY7o-5nRowJKFIn3SJi1PynOfw3X0RtH6X_M0tZJU-czSyZZ7YcGemmbhYfF9huScFGcmjDbnSzBjRmkOuHkFyaUQDgAn8Tkyih0WD3IPR5AVszxzJDSNVFEq-hZgbGKfSe6kUgAG9Eivs4-3ddmc2-gBAG_3Ky9LvRGmxAbGLdalRGDzmFS9TyXd0Oe75EKt1IiVriJgZXoe7fx0FvFXaRpFRDrjs_kE0eFeA0sdjA6Cdo0xC7MI87Uce2ko3ep4amA0wihNOp4DQx7jL1/http%3A%2F%2Fwww.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ________________________________ This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
