On Sun, 17 Nov 2019 15:50:53 -0600, Walt Farrell wrote: >On Sun, 17 Nov 2019 00:33:29 +0000, Leonardo Vaz wrote: >> >>But wouldn’t that program be system integrity even if not placed on AUTHPGM? >>The user could execute it batch first example and change his ACEE or anything >>else. > >No, that wouldn't be a problem, ... > I respectfully differ. A program executed as the job step task and running in authorized state which can branch to an arbitrary address, not necessarily an entry point, in its address space, even in its own code, specified by a non-privileged user presents an indeterminate hazard.
On Sat, 16 Nov 2019 15:16:27 -0600, Walt Farrell wrote: > ... >For example, consider a program which accepts as a parameter the address >(not the name) of some code to be executed as a kind of subroutine. > >Now consider what might happen if you were to link that program with AC(1), >place it in a library that MVS considers APF-authorized, ... -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
