On Sun, 17 Nov 2019 00:33:29 +0000, Leonardo Vaz <[email protected]> wrote:
> >But wouldn’t that program be system integrity even if not placed on AUTHPGM? >The user could execute it batch first example and >change his ACEE or anything else. No, that wouldn't be a problem, because if the user wrote his own program and ran it in batch it would not be running APF-authorized, and nothing it called would be running APF-authorized, and so the program I described wouldn't be able to do any harm. Anything that program could do, running unaurhorized, the user could do directly. It is purely having the program named in AUTHPGM, and running it in a TSO environment, that causes the System Integrity exposure. > > I guess depending on the authorized program code, it might keep integrity > when executed under its own address space but if it executed >under TSO it might allow other units of work to run something they shouldn’t >be able to, i think it would have to be something really specific >and it’s still unclear to me why AUTHPGM exists. AUTHPGM exists to allow some authorized programs to run under TSO, when they are needed under TSO and they are known to properly maintain MVS System Integrity. But the author of the program needs to understand MVS System Integrity, and the system programmers in charge of AUTHPGM need to understand the ramifications of putting programs into that list. They should only do that for programs written by someone they trust, and when the author has indicated that it's safe to put the program in AUTHPGM. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
