In <[email protected]>, on 12/12/2013
at 02:47 PM, Clark Morris <[email protected]> said:
>If the only code that is aimed for zAAP or zIIP is code that would
>have run authorized anyway, then no additional exposure is caused
>by their use.
That would be true if there were never any programming errors. Errors
in code running key 0 and supervisor are more likely to cause serious
problems than errors in AC(1) code running key 8 and problem.
>In regard to COBOL, I believe have seen things that say that XML
>services used by COBOL can run on a zAAP so the question comes as
>to whether these services would have to run authorized anyway.
My reading is that unauthorized code does a PC to invoke the service.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO position; see <http://patriot.net/~shmuel/resume/brief.html>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
