It's not. The exec will always run under the id of the user that started it. It is exactly the same as running the exec under your own TSO.
ITschak ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Continuous Monitoring for z/OS, x/Linux & IBM I **| z/VM coming soon * On Sun, May 7, 2023 at 3:54 PM Paul Gilmartin < 0000042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > On Sun, 7 May 2023 04:43:27 -0500, Willy Jensen wrote: > > >This will issue any TSO command, but security-wise I think it opens a > barn door. > > > Why is that not cause for an integrity APAR? Wasn't the "barn door" > already open? > > >Save it as member TSOCMD in your SYSREXX lib. > > > >/* general TSO command rexx */ > > address tso arg(1) > > Exit 0 > > > >Sample use (@ is my SYSREXX command char): > > > >@TSOCMD LISTCAT ENT(SYS1.HELP) > > -- > gil > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
