Peter's message from 4.5 hours ago explains what happens if the program is not in AUTHPGM. It also explains that TSO sets up the environment when the program is in AUTHPGM and part of that environment insures the requirements he described are met.
Without the AUTHPGM list, how would TSO know which programs should run authorized and which should not? There are authorized programs that need authorization only for certain functions and can run under TSO without authorization for other (more common) functions. You don't want to waste system resources setting up the environment for the vast majority of TSO activities that don't need it. Any site that allows an authorized program to violate system integrity deserves what it gets. > -----Original Message----- > From: IBM Mainframe Discussion List <[email protected]> On > Behalf Of Leonardo Vaz > Sent: Saturday, November 16, 2019 9:21 AM > To: [email protected] > Subject: Re: AUTHPGM in IKJTSOxx > > Thanks for the input. Peter said something about making sure non authorized > units of > work are non dispatchable while the authorized program runs, is this > something the > authorized program added to AUTHPGM has to do or something that TSO does? If > it > is something that TSO already does, then why limit TSO to only run authorized > programs on the AUTHPGM list? What is the harm of allowing any authorized > programs as long as they don’t violate system integrity. > > I’m still curious. > zLeo ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
