Thanks for the input. Peter said something about making sure non authorized units of work are non dispatchable while the authorized program runs, is this something the authorized program added to AUTHPGM has to do or something that TSO does? If it is something that TSO already does, then why limit TSO to only run authorized programs on the AUTHPGM list? What is the harm of allowing any authorized programs as long as they don’t violate system integrity.
I’m still curious. zLeo > On Nov 16, 2019, at 11:43 AM, retired mainframer <[email protected]> > wrote: > > If the program does not reside in an APF authorized library, placing it in > AUTHPGM does not give it any extra authority. It will waste some system > resources to create the authorized environment that is implied as necessary. > > If it is in an authorized library, it needs to take the exact same > precautions any other homegrown program that runs authorized would need to > take. When you authorize any program, you are trusting it not to violate > your system's integrity. How it earns that trust varies from site to site > but I expect most have additional requirements above and beyond normal > release procedures. > >> -----Original Message----- >> From: IBM Mainframe Discussion List <[email protected]> On >> Behalf Of Leonardo Vaz >> Sent: Saturday, November 16, 2019 7:30 AM >> To: [email protected] >> Subject: Re: AUTHPGM in IKJTSOxx >> >> I am curious now, does a custom homegrown program have to take extra >> precautions >> to be placed under AUTHPGM? What would those be? >> >> Regards, >> zLeo > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
