Re: Cobol data protection? Get a dog...
From: RKRayhawk (rkrayhawk_at_aol.com)
Date: 10/10/03
- Next message: RGonzalez: "Re: Short term contract work (1M) for indian internet programmers"
- Previous message: Alex Varghese: "Short term contract work (1M) for indian internet programmers"
- In reply to: Peter E.C. Dashwood: "Re: Cobol data protection? Get a dog..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 10 Oct 2003 21:49:17 GMT
One of the more effective posters here,
"Peter E.C. Dashwood" dashwood@enternet.co.nz
Date: 10/7/03 7:27 PM EST
Message-id: <3f835b32$1_7@news.athenanews.com>
Commented in part, ...
<<
It would be foolish to abandon the network because it is perceived to be
"insecure". The fact is, it can be as secure as you are prepared to make it.
>>
In passing, let me cite
http://money.cnn.com/2003/10/09/technology/hacker.reut/index.htm?cnn=yes
for several reasons. First, although we are obligated to keep this newsgroup at
or near the subject of COBOL. The real interest, atleast generally, is
business.
Additionally, IMHO, it is useful to reset the basic interpretation of the
danger. The danger on the internet is not perceived, it is very real.
So any and how, back to the top.
I find at the incredibly generous IBM site,
http://publibfp.boulder.ibm.com/cgi-bin/bookmgr/BOOKS/igy3lr10/6.1.2?DT=20
020920180651
the following piece of information concerning
the PROCEDURE DIVISION header, and particularly the USING clause ...
"Parameters specified in the USING phrase of a method Procedure Division
header must be passed to the method BY VALUE. "
Now that dove-tails for me. But I have some questions and would like to lean on
some of you who are most knowledgable about the standards process.
Is this BY VALUE only rule for methods the standard? Are most of the vendors
sticking to it?
If it is the standard, is consciously an attempt to keep COBOL in a specific
category of procedural languages? Is this the establishment of a definition for
the language according to a theory that we may get more protection by avoiding
the 'common' reference items?
Or is this just what can be agreed on so far?
Clearly, in an interoperable environment, resolving the addresses when
attempting to
dereference a reference (back to the invokers WS or worse back up through the
LS of a mainline flatland program which can invoke an object) is a serious
problem. So I could see vendors resisting BY REFERENCE, just for
feasibility of early product getting to market soon.
I am aware that you can pass an object reference to a method, which is a whole
nother can of worms. And indeed, because arrays are objects you can pass arrays
of object references. I need to understand that better.
But it stands to reason that an object reference
is a different kind of thing than mere reference,
and there is atleast the possibility of evolving
seriously constrictive shepherding for itl.
So, the question is, does this rule reflect a conscious design decision to keep
COBOL in
a category of procedural type languages that
prevent access by the invokee to the invoker's
data area? Has there been elaborate discussion of this in the standards
process, and does the rule reflect a fairly strong commitment to such a theory
of source coding?
Best Wishes,
Bob Rayhawk
RKRayhawk@aol.com
- Next message: RGonzalez: "Re: Short term contract work (1M) for indian internet programmers"
- Previous message: Alex Varghese: "Short term contract work (1M) for indian internet programmers"
- In reply to: Peter E.C. Dashwood: "Re: Cobol data protection? Get a dog..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
