On Sun, 17 Nov 2019 19:10:16 -0600, Paul Gilmartin <[email protected]> wrote:
>On Sun, 17 Nov 2019 15:50:53 -0600, Walt Farrell wrote: > >>On Sun, 17 Nov 2019 00:33:29 +0000, Leonardo Vaz wrote: >>> >>>But wouldn’t that program be system integrity even if not placed on AUTHPGM? >>>The user could execute it batch first example and change his ACEE or >>>anything else. >> >>No, that wouldn't be a problem, ... >> >I respectfully differ. A program executed as the job step task and >running in authorized state which can branch to an arbitrary address, >not necessarily an entry point, in its address space, even in its own >code, specified by a non-privileged user presents an indeterminate >hazard. I think you're right, gil for some scenarios I didn't consider initially. But the scenario most analogous to the TSO one, which I mentioned, where the user executes his own program that invokes the program we're talking about by calling it (LINK, etc.) doesn't have a problem. In that scenario the user's program isn't running authorized, and therefore the program it calls isn't running authorized, either. So the user is going to have to be more clever than that to pass an address of some code that can cause a problem, while still getting the program invoked with authorization. But as it can probably be done somehow, the idea of having a program like that was unwise from the beginning. I'll have to think about some other things that an authorized program running under TSO might have to account for that it wouldn't in another environment. -- Walt ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
