That is not the way the Initiator works. The Initiator is not APF-authorized.

Does your program use any key 8 storage (like the save area that was provided when your program was ATTACHed, or the subpool 0 area that you FREEMAIN when the program that you ATTACHed ends)? Could the unauthorized program that you ATTACHed modify these areas in such a way that when your code does the LM and BR 14, it branches to some code created by the unauthorized program, so that the unauthorized program can cause code it created to run authorized under your task?

When you ATTACH an authorized program and pass it a parm that is longer than 100 bytes, how do you prevent a buffer overflow security exposure if the authorized program you are ATTACHing copies the parm to a 100 byte buffer (which it assumes is a safe thing to do, because the system documentation stated that the maximum PARM= length was 100 bytes)?

Jim Mulder   z/OS Diagnosis, Design, Development, Test
IBM Corp.  Poughkeepsie NY

> I am afraid I have not been able to follow the whole conversation.
> However, it seems that perhaps attaching as a job step may be an answer?
>
> This is the way the Initiator attaches a program. The Initiator is
> authorised, and uses a special attach which will either attach a program
> in Problem State, or allow it to keep its authorised state, if it is
> being loaded from an authorised library, and is linked with the
> appropriate option.
>
> This code has been used for 40 years in my enhanced JCL language Jol,
> from which I created a program that allows parameters to be passed up to
> 3,000 bytes. The program is called LONGPARM and is CBT file number 839.
>
> The enhanced JCL Language can be seen at www.Oscar-Jol.com
>
> Here is the part of the code that shows how the Job Step option can be used.
>
> ------
> ***********************************************************
> *
> *
> *
> *  NOW ATTACH PROBLEM PROGRAM.                              75311
> *
> *  Note: We could set up the SCT so that SMF records the "correct"
> *  program. Wait for user feedback.
> *
> *
> ATTACH   LA    R1,#PARMPP          Get Address of User Parameters
>          LH    R15,#PARMPP         Put some blanks at the end
>          LA    R15,2(R1,R15)       Point to end of string
>          MVC   0(20,R15),BLANKS
>          ST    R1,ATASKPRM         Store it
>          OI    ATASKPRM,X'80'      Set Hi Bit                75311
>          LA    R1,ATASKPRM         Set R1 for Attach         75311
>          XC    TASKECB,TASKECB     CLEAR ECB                 75311
>          MVC   ATTACHL(ATTACHLN),ATTACHW INITIALISE ATTACH
> *                          BECAUSE 'E' FORM DOESN'T INITIALISE
> *                          ALL THE BITS.
>          ATTACH EPLOC=TASKNAME,ECB=TASKECB,SF=(E,ATTACHL),           *
>                RSAPF=YES,                                            *
>                JSTCB=YES,MF=(E,(1))                          76200
>          LR    R5,R1
>          WAIT  ECB=TASKECB
>          MVC   TASKRETN(1),X'1D'(R5) SHIFT IN ABEND CODE
>          MVC   TASKRETN+1(3),TASKECB+1 AND RETURN CODE
> * NOW I'M BACK IN CONTROL,I.E THE SUBTASK FINISHED.
> * WHAT AM I TO DO NOW ?
>          ST    R5,CALLAREA
>          DETACH CALLAREA
> TABEND   TM    TASKRETN,128        NORMAL RETURN FOR TASK?   75003
>          BNO   TESTGOBK            YES,SO TEST GOBACK TO OS INDIC 76200
>          IC    R7,TASKRETN         SET R7 = ABEND CODE
>          L     R1,TASKRETN         LOAD TASKRETN TO REG 1
>          ABEND (1)
> *        N     R1,=X'00FFFFFF'     LEAVE RETURN CODE
> TESTGOBK EQU   *
>          SPACE 3
> RETNOS   EQU   *
>          LH    R10,TASKRETN+2      LOAD 2ND 2 BYTES OF RETURN CODE
> BADRETN  EQU   *
>          L     R7,4(R13)           LOAD R7 WITH PREVIOUS SAVEAREA ADDRESS
>          LR    R1,R13              LOAD R1 WITH THE ADDRESS OF GOTTEN
> *                                  STORAGE
>          FREEMAIN R,LV=CONEND-CONSTART,A=(1)
>          LR    R13,R7              SET R13=OLD SAVE
>          LR    R15,R10             SET UP RETURN CODE
>          L     R14,12(13)          AND RETURN ADDRESS
>          LM    R0,R12,20(R13)      AND OLD REGISTERS
>          BR    R14                 AND BACK WE GO
> *
> ------
>
>
> Clem Clarke
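
The length check that the question about parms longer than 100 bytes points at, as an added C model that is not part of either post and is not z/OS code. It assumes the parm is a halfword length followed by the text; `copy_parm_checked`, `attach_allowed` and the `demo_*` helpers are hypothetical names, and the caller-side policy is an assumption rather than anything LONGPARM is stated to do.

```c
#include <stdint.h>
#include <string.h>

#define DOC_PARM_MAX   100   /* documented PARM= limit the callee assumed */
#define LONG_PARM_MAX 3000   /* longer limit quoted in the post */

/* Read the big-endian halfword length that precedes the parm text.
   Returns the text length, or -1 if the buffer cannot hold that much. */
static int parm_length(const uint8_t *parm, size_t avail) {
    if (avail < 2) return -1;
    size_t len = ((size_t)parm[0] << 8) | parm[1];
    return (len <= avail - 2) ? (int)len : -1;
}

/* Callee side: copy into the fixed 100-byte work area only after checking
   the length; an unchecked memcpy(work, parm + 2, len) is the overflow. */
int copy_parm_checked(uint8_t *work, const uint8_t *parm, size_t avail) {
    int len = parm_length(parm, avail);
    if (len < 0 || len > DOC_PARM_MAX) return -1;   /* reject, do not truncate */
    memcpy(work, parm + 2, (size_t)len);
    return len;
}

/* Caller side (hypothetical policy): pass a long parm only when the
   ATTACHed program will not run authorized. Returns 1 to allow. */
int attach_allowed(int runs_authorized, const uint8_t *parm, size_t avail) {
    int len = parm_length(parm, avail);
    if (len < 0 || len > LONG_PARM_MAX) return 0;
    return !(runs_authorized && len > DOC_PARM_MAX);
}

/* Constructed sample input: a parm of n 'A' bytes, n clamped to 3000. */
static uint8_t sample[2 + LONG_PARM_MAX];
static size_t build_sample(size_t n) {
    if (n > LONG_PARM_MAX) n = LONG_PARM_MAX;
    sample[0] = (uint8_t)(n >> 8);
    sample[1] = (uint8_t)(n & 0xFF);
    memset(sample + 2, 'A', n);
    return n + 2;
}

int demo_copy(size_t n) {
    uint8_t work[DOC_PARM_MAX];
    return copy_parm_checked(work, sample, build_sample(n));
}

int demo_attach(int runs_authorized, size_t n) {
    return attach_allowed(runs_authorized, sample, build_sample(n));
}
```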
