× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2005

RE: WHAT was IBM THINKING?!?!?, Re: QSYGETPH API

Then the API hasn't changed, has it? Did IBM release a PTF for older
operating systems to make the API have the same parms as the V5R3
version?

> -------- Original Message --------
> Subject: Re: WHAT was IBM THINKING?!?!?, Re: QSYGETPH API
> From: "Shannon O'Donnell" <sodonnell@xxxxxxxxxxxxxxxxx>
> Date: Thu, September 15, 2005 10:58 am
> To: <midrange-l@xxxxxxxxxxxx>
> 
> Take one step back on the holier than thou attitude there Doug.  Not all of 
> us have gone to V5R3 yet and have therefore had any need to read the memo to 
> users for that release yet.
> 
> 
> 
> -----Original Message-----
>     From: "Douglas Handy"<dhandy@xxxxxxxxx>
>     Sent: 9/15/05 9:13:09 AM
>     To: "Midrange Systems Technical Discussion"<midrange-l@xxxxxxxxxxxx>
>     Subject: Re: WHAT was IBM THINKING?!?!?, Re: QSYGETPH API
>     
>     Shannon, 
>     
>     > I did not notice that the length of the passWord is also required now. 
>     > That sucks. 
>     
>     
>     I don't think IBM ever breaks an existing public API lightly (unlike 
> another 
>     OS vendor who shall remain nameless...). But in this case, it appears the 
>     change was very intentional and was specifically changed in order to 
> thwart 
>     a possible exploit described by Scott. IBM takes security very seriously 
>     (again, unlike another OS vendor who shall remain nameless, or at least 
> they 
>     didn't used to...), and faced with a choice of keeping compatibility and 
> the 
>     exploit working, or closing the exploit by requiring relatively minor 
>     changes to user programs, they chose what seems to me to be the only 
> logical 
>     alternative.
>     
>     But they also documented the change in the Memo to Users. Reading that is 
>     part of your release update planning, isn't it? Why do you think they 
> bother 
>     to write the Memo to Users?
>     
>     In terms of James' question "What was IBM thinking?!?", the answer 
> appears 
>     to be security. But I also don't fault IBM for being vague and not 
> spelling 
>     out the exact exploit, since this change only closes it for V5R3 users. 
>     Given the circumstances, do you really think it would be better to leave 
> the 
>     API the way it worked in the past?
>     
>     Doug
>     -- 
>     This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing 
> list
>     To post a message email: MIDRANGE-L@xxxxxxxxxxxx
>     To subscribe, unsubscribe, or change list options,
>     visit: http://lists.midrange.com/mailman/listinfo/midrange-l
>     or email: MIDRANGE-L-request@xxxxxxxxxxxx
>     Before posting, please take a moment to review the archives
>     at http://archive.midrange.com/midrange-l.
>     
>     
>     
> 
> -- 
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
> To post a message email: MIDRANGE-L@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/midrange-l
> or email: MIDRANGE-L-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.