Re: Security Routines - bind by copy? (wasRE: Questionabout serviceprograms)

Joe Pluta wrote:

Doing an UPDPGM could work assuming you had the authority. This,
however, would probably leave incriminating tracks.

At the least it would change the last modified date, no?

And, depending on how the system is configured, log something in the object audit log.

I guess you could make your own version, put it higher in the library
list, and then delete it when you were done. But as Walden points
out, it's hard to know how to write that module.

Strange as it sounds, I've thought about this a fair bit ... and, when it comes down to it, anyone who would WANT to do this is probably skilled enough to pull it off.

The key here is: the routine that is performing the security function would need to adopt higher authority than the user normally has.
All you really need is a list of the procedures in the service program and the current signature, all these can be retrieved from the DSPSRVPGM command.

And the substituted service program doesn't really need to do anything in the applications context ... all it needs to do perform the mischief intended ... then it can abend, or invoke the original routine (if you know the prototype), or just return and do nothing. They key is: Something was done outside the normal security controls of the application.

Not impossible, but also not something the average i programmer is
going to know how to do. That's why I bind by copy.

Not impossible, but not all that hard either.
I suspect that the average i programmer isn't even going to be interested in doing something like this ... but someone who is could probably find out what they need in order to do it.

david