× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. RPG400-L
  3. December 2002

RE: Can an RPG module call another RPG module?

This is a multipart message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
I take it this doesn't include the source for the operating system?
And, what is considered operating system?  For example, fax software too?

Rob Berendt
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin




"alan shore" <SHOREA@dime.com>
Sent by: rpg400-l-admin@midrange.com
12/12/2002 10:09 AM
Please respond to rpg400-l

        To:     <rpg400-l@midrange.com>
        cc:
        Fax to:
        Subject:        RE: Can an RPG module call another RPG module?


To paraphrase Forrest Gump - Bunk is as bunk does.
Do the proverbial "they" make banks jump through hoops. Of course they do.
God forbid anything should go wrong or missing. We are talking about
peoples accounts and money here.
As far as the source NEVER being on the PRODUCTION machine, that situation
can NEVER happen. Everything pertaining to the executable has to be
migrated to the Production region - COME WHAT MAY. If any piece is NOT
there - it does not go. Simple as that.
The idea behind all of this (and obviously you are not under the same
stringent rules) is that banks and financial institutions are trusted with
other peoples money. Banks etc have to provide as secure a places as
possible. Hence the bank I work for REQUIRES that any vendors supply the
sources etc with the application. If the vendor does not do this, then
they are NOT EVEN considered, even if they are the best application in the
world for counting widgets or whatever is being considered.
Can anyone spell ENRON or WORLDCOM or have we so soon forgotten.
Financial institutions cannot afford to be lax in their dealings with
honesty and being as secure as possible. IMHO

>>> <rob@dekko.com> 12/11/02 04:23PM >>>
This is a multipart message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
Sounds like they make banks go through a bunch of bunk.

Alan,  If the source is NEVER on the production machine in the first
place, how can they possibly be using the wrong version of the source?
Let's say you don't even have the compiler loaded on the production
machine.  Which we often don't.  The only reason that the compiler is on
our largest machine is because of one software package that generates RPG
on the fly for flexible reporting.

Do you also have to keep a list of vendor programs that have no source, in
the case of vendor purchased packages?  How do the auditors approve these?

Rob Berendt
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin




"alan shore" <SHOREA@dime.com>
Sent by: rpg400-l-admin@midrange.com
12/11/2002 12:34 PM
Please respond to rpg400-l

        To:     <rpg400-l@midrange.com>
        cc:
        Fax to:
        Subject:        RE: Can an RPG module call another RPG module?


Our auditors (internal and external) require ALL pieces (sources, modules
etc) to be migrated to the Production region, irrespective of the platform
that is being used. Mainframe, HP UNIX, AS/400 etc.
There has been TOO many cases where a developer has wanted source XYZ to
be modified due to a request from a user. Lo and behold XYZ is out there
in development, and rather than take the extra time to copy from the
production area, has used the one in development, only to find out AFTER
making the necessary changes that the source that ended up being used had
been change by some one else for some other reason. The result was then a
waste of time. The source would then have to be copied from the production
region and the changes re-applied to the correct version.

>>> "Joe Pluta" <joepluta@PlutaBrothers.com> 12/11/02 11:41AM >>>
> From: alan shore
>
> Sorry, I sent the last e-mail before I was ready to.
> The point I was trying to make was, if the modules etc are NEVER
> migrated to the production area, there is no way to satisfy an
> audit. (Been there, done that) If you can prove that the modules
> etc were migrated to the production area, and that when they were
> required again, they had been migrated back or accessed from the
> production area, the auditors will be satisfied (been there done that)

Do your auditors require source on the production machine?  A module is no
more relevant to the program object than is the source.  In a completely
secured environment, you would do neither compiles nor binds on the
production machine, so you'd need neither the source nor the modules for
auditing purposes.

Think of it the same way you would a C program.  You create a C program by
linking together a bunch of .obj files.  In a production environment,
you'd
never see those .obj files.

My .02

_______________________________________________
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/rpg400-l
or email: RPG400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.


_______________________________________________
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/rpg400-l
or email: RPG400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.


_______________________________________________
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/rpg400-l
or email: RPG400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.

_______________________________________________
This is the RPG programming on the AS400 / iSeries (RPG400-L) mailing list
To post a message email: RPG400-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/rpg400-l
or email: RPG400-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/rpg400-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.