On Mon, 16 Mar 2015 12:44:20 -0700, Charles Mills wrote:

>> if it were not designed to be invoked in an authorized environment, it
>> should not be included in an APF authorized load library
>
Alas, that's an impossible goal, or at least impractical given the legacy milieu. I suspect there'd be much breakage if even IEFBR14 were removed from SYS1.LINKLIB and placed in an unauthorized library:

o Any CLIST containing CALL 'SYS1.LINKLIB(IEFBR14)' would fail.
o Any authorized program using IEFBR14 as a stub/default would fail.

(I doubt that IEFBR14 introduces any integrity exposure.)

>2. ..., and it is the responsibility of any authorized caller to be certain
>(how?) that calling it authorized will not generate an integrity exposure.
>
When I whined about the "(how?)" in connection with SMP/E a few years ago, before I knew even what little I now suspect about the nature of the weakness, Walt replied with words similar to "reasonable caution". I take that to mean that whatever flaw, it's (perhaps) susceptible to malicious exploitation, but highly unlikely to be triggered inadvertently. It's not necessarily IEBCOPY, but any program a programmer can name in a UTILITY entry.

-- gil
