The point is to pass an address to an authorised program so that it can call back the unauthorised program (at a different entry point in (for example) supervisor state.
So you are saying you can design code which bypasses system integrity. If you had a program which took that characterised hex address and then passed control to it in supervisor state, then that is NOT a suitable program for AUTHPGM or AUTHCMD or AUTHTSF. There are many ways to design programs to subvert z/OS integrity. The more difficult and worthwhile thing to do, is achieving what you need without bypassing z/OS integrity. Lennie Dymoke-Bradshaw | Security Lead | RSM Partners Ltd Web: www.rsmpartners.com ‘Dance like no one is watching. Encrypt like everyone is.’ -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Jesse 1 Robinson Sent: 26 November 2019 00:20 To: [email protected] Subject: Re: [IBM-MAIN] AUTHPGM in IKJTSOxx I'm having trouble imagining a scenario where an EBCDIC representation of an address would be useful. The problem is, in a job step situation, how would you figure out an address to pass? //STEP1 EXEC PGM=my-pgm,PARM=??? How would I figure out what address to pass? If instead my-pgm is called from another program, then I would not use the JCL parm format being discussed. In that case, I would pass the address directly without the EBCDIC conversion game. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-543-6132 Office ⇐=== NEW [email protected] -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Paul Gilmartin Sent: Monday, November 25, 2019 3:51 PM To: [email protected] Subject: (External):Re: AUTHPGM in IKJTSOxx On Mon, 25 Nov 2019 23:26:32 +0000, Jeremy Nicoll wrote: >On Mon, 18 Nov 2019, at 19:35, Seymour J Metz wrote: >> A program designed to run as a jobstep expects a parameter list whose >> first word points to a halfword length field followed by a character >> string of that length. The Initiator will always flag the first word >> with an end-of-list bit. So if the program follows normal rules, you >> can't pass it an address that way. > >Why can't the character string contain eg the eight character hex >representation of a 4-byte address, which the program converts back to >binary and tries to pass control to? > In fact, that character string could be any four octets comprising a legitimate AMODE 31 address. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
