|
> I second that. Hacking programs to system state may be a common technique > among SOME MI programmers, but it's one for which I've done my best to > remain ignorant of the details, because (1) nearly everything I write is > part of some commercial product that's expected to be > Security-50-friendly, and (2) commercial products with hacks in them (the > only reason I know of to patch to system state) tend to be less reliable > (and less trusted) than those that stick to supported APIs. And I can place myself in that camp too - nothing I have coded that has become part of a product that someone paid money for has ever needed to incorporate the patching of the objects state. > While I still think it ridiculous to keep a system locked up with > QFRCCVNRST set so high it won't accept non-observable programs compiled on > an earlier release, this is a genuine security threat, and if some vendor > is still putting out commercial products (or custom jobs, for that matter) > that aren't Security-50-friendly, you're probably better off looking for a > different software vendor. I totally agree that there is no need to patch a program into system state for commercial products. If you re-read my emails on this patching subject, none of them advocate doing that. --phil
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
