Not only AC(1) from an authorized library, but from an authorized concatenation. But see LNKAUTH=LNKLST.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Jeffrey Holst <[email protected]> Sent: Wednesday, November 13, 2019 9:55 AM To: [email protected] Subject: AUTHPGM in IKJTSOxx Does AUTHPGM require that the specified program have a non-zero AC or that it be in an APF authorized library? I ask because it appears that a very clever user may have written a program whose name matches a program in the AUTHPGM list. The program executes a macro instruction that requires APF authorization. It appears that he was able to successfully call it from TSO. If this is the case, is there a way to secure this. If this is not supposed to work this way, this would seem to be an integrity issue that is worthy of a PMR. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
