On 24 February 2016 at 15:46, Lopez, Sharon <[email protected]> wrote:
> Do others use IPCS instead of systems programmers? I always thought of it as
> a systems programmer's tool but now we have application developers that want
> access to it. What are the risks of giving access to developers?
>
> Thanks in advance.

There should be no risks at all to allowing application developers to use IPCS. It's a lot like the ancient (and evidently still not over) issue of giving access to AMASPZAP to application programmers (or anyone at all): you should protect the data, not control use of the program that uses that data. IPCS itself, like AMASPZAP, won't magically give away any secret data. If you think of it another way, anyone can write their own IPCS or AMASPZAP in REXX or COBOL or assembler or whatever and have it read any data that RACF/ACF2/TSS allows. So why not let them use the real one?

IPCS *does* have some options that allow reading data from address or data spaces other than the current one on the running system, but these are controlled by RACF using resource names in the FACILITY class. Check out the IPCS Commands book in the section on the data description parameter. Or just search the book for the string BLSACTV. Certainly the default access will not allow reading of sensitive storage from the running system, but make sure that no one has given UACC(READ) or the like to any of the BLSACTV resources.

Now back to the data. Typically an application programmer needs access to his or her own SYSMDUMP data, and they have that because they get to specify where the SYSMDUMP points. Or if it's a production job, then someone has to decide if they get access. The content is controlled by the system so that there is nothing there that might not also be in a SYSABEND/SYSUDUMP printable dump - it's just a lot nicer to examine with IPCS.

The other types of dump that IPCS can process are System (SVC) dumps, and standalone dumps. An application programmer should not normally be given access to any of these, and indeed they should be very carefully controlled, as they can potentially contain data from any address space. If an application program causes a system dump to be taken (rare but not impossible), typically a sysprog will review it, and if necessary go over it together with the application programmer.

How to deal with the security issues related to these dumps is a management issue, of course.

Tony H.
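
An added example, not part of the message above: RACF commands a security administrator could use to carry out the BLSACTV check the reply recommends. The resource names BLSACTV.ADDRSPAC and BLSACTV.SYSTEM are assumptions to confirm against the IPCS book the reply cites, the group name SYSPROG is hypothetical, and ACF2 or Top Secret sites need their own equivalents.

```tso
 /* 1. Find every FACILITY profile whose name begins with BLSACTV.   */
 SEARCH CLASS(FACILITY) MASK(BLSACTV)

 /* 2. For each profile found, show UACC and the access list.        */
 /*    Look for UACC above NONE and for ID(*) entries, which         */
 /*    grant access to every defined user.                           */
 RLIST FACILITY BLSACTV.ADDRSPAC ALL
 RLIST FACILITY BLSACTV.SYSTEM   ALL

 /* 3. A broader generic profile may be what actually protects       */
 /*    these resources. GENERIC lists the best-matching generic      */
 /*    profile for the name, ignoring any discrete profile.          */
 RLIST FACILITY BLSACTV.ADDRSPAC ALL GENERIC
 RLIST FACILITY BLSACTV.SYSTEM   ALL GENERIC

 /* 4. If step 2 shows general READ access on a BLSACTV profile,     */
 /*    close it and permit only the group that needs it              */
 /*    (SYSPROG is a placeholder group name).                        */
 RALTER FACILITY BLSACTV.ADDRSPAC UACC(NONE)
 PERMIT BLSACTV.ADDRSPAC CLASS(FACILITY) ID(*) DELETE
 PERMIT BLSACTV.ADDRSPAC CLASS(FACILITY) ID(SYSPROG) ACCESS(READ)

 /* 5. Refresh in-storage profiles if FACILITY is RACLISTed.         */
 SETROPTS RACLIST(FACILITY) REFRESH
```

If step 3 shows that a broad generic profile is the one in effect, define specific BLSACTV profiles rather than tightening the broad one, since other FACILITY resources may depend on it.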
