Post by Greg Smith Post by dougbarc
You could even do things IBM said wouldn't work... long as you could
run in supervisor state. I remember writing some code that, for
security reasons, never went through open/close. It was code written
as an SVC and used for TSO during user logon to get some information
and provide authorization for some services by reading from the jobq
back when that was just a file on disk. The code built it's
own 'open' DCB, DEB, and the I/O appendages, as if it'd gone through
open. Yet if there was a dump or if someone put in code to run
control blocks, it never appeared. One never saw the data in DCB's,
DEB's because the control blocks were never on the DCB or DEB chains,
etc. Of course all of that went away once we got to MVS. IBM had a
little more checking in their code at that point. :)
I coded something similar a few years ago, the offlindr program.
Basically the program would dump to a dsorg=ps dataset an offline
dasd unit, track image by track image. No open. Runs on z/os.
Didn't try to hide the control blocks though.
The Heath Dept, new owners of 'our' 168s installed a user svc to get one
into superfighter state, key zero.
It is, of course, pretty easy to find user SVCs, so this was no
One only, I coded and ran a program that opened a file on disk, so it
had all the right control blocks.
I then used this SVC to change the UCB pointer in the DEB to point to a
Back in Clark Kent mode, I wrote a buffer of 3270 datastream to the file
& closed it.
As expected, I wrote sucessfully on the screen.
Reading from these devices is trickier: you need an attention routine
linked in some place so as to get control when a user presses an
attention key so you know _when_ to read it.
The official way was to code these appendages, install them in LPALIB or
somewhere, then re-ipl. _I_ would have loaded them myself, and put the
correct pointers in the DEB. I could have done that without disrupting
the other poor sods trying to use the computer at the time.
Years later, I revisited this, officially this time. For Wang-related
reasons we were using three-character userids.
Now, you can't encode much information into three characters, especially
when you are going to have 2000 or more users (not all at once on the
same computer, thankfully).
The plot was to have a table that would map the users into the group
membership (needed for ACF/2) and their location (needed for
distributing printouts, and on occasion, to discover which building or
even city to find someone).
The Security folk quickly won the nomination to maintain this information, the remaining questions were
1. Where to put it?
2. How do we get it there?
3. How do we validate the crud the security people code up?
My suggestion (accepted probably because I was sole advicer), was to put
it in CSA, we'd use CVTUSER to point to a series of pointers, one of
which pointed to this table. (This structure because I'm loathe to use
something that might be wanted for something else, and in fact, there
was something else).
I proposed a program I'd write that would get it there, and in order to
do it "properly" it needed to be ACF-authorised.
There was also the question of checking the data - no REXX back then -
and I suggested ASSEMBLER macroes, and I'd wrap it all into ISPF
dialogues (I was the king of them anyway).
There were lots of ways to do this - could have used TSO command
procedures to check the data, could have written it to a flat file (and
who knows, the security boffins could then have tampered with them).
What I proposed was that I create an object deck which we'd then link
into a load module.
Now, APF barks if an authorised program loads a load module from an
unauthorised library, and giving access to Security to an APF-authorised
library would be a security breech. (If they change the ACF/2 rules,
that's entirly their affair, but we're not making material changes to
the safety of the system).
No worries. Here's how it's done:
1. Open DCB.
2. Slip into key zero.
3. Mark the DEB authorised.
4. Load the module into CSA using the newly-authorised DCB.
5. Update the pointer to point to the new table.
6. Free the old one, if it exists.
6. Back to Duffer Mode.
How I violated ACF/2 security can wait for another day;-)
Join the "Linux Support by Small Businesses" list at
Copyright John Summerfield. Reproduction prohibited.
------------------------ Yahoo! Groups Sponsor ---------------------~-->
Buy Breakthrough Natural Health Specialties at VitaminBoost.com $20 to $40
Oral Sprays for Fast Results and Greater Absorption.