Basically the same as any other authorized program, plus don't trust anything in key 8.
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Leonardo Vaz <[email protected]> Sent: Saturday, November 16, 2019 10:30 AM To: [email protected] Subject: Re: AUTHPGM in IKJTSOxx I am curious now, does a custom homegrown program have to take extra precautions to be placed under AUTHPGM? What would those be? Regards, zLeo > On Nov 16, 2019, at 10:09 AM, Peter Relson <[email protected]> wrote: > > Regarding AUTHPGM itself, I think of it this way (pretty much the way > Steve Smith described it): > > AUTHPGM identifies to TSO/E a program that needs to be run on the > "authorized side" of the TMP. For such a program, setup must be done very > carefully. > > While there is a program running on the "authorized side", the system > makes sure, as it must do to avoid integrity problems, that nothing at all > is running on the "unauthorized side". Managing the required > non-dispatchability of the unauthorized side is key. > > If you have something TSO/E-wise that does require authorization but is > not identified as such, it will be run on the unauthorized side and when > it does whatever it does that requires authorization, it will be seen as > not having suitable permission. > > Peter Relson > z/OS Core Technology Design > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
