Restricting message handling

Messages sent between programs provide the potential for integrity exposures.

At security level 50, you are able to restrict the messages sent between programs to protect the integrity of your system.

The following applies to message handling at security level 50:
  • Any user state program can send a message of any type to any other user state program.
  • Any system state program can send a message of any type to any user or system state program.
  • A user state program can send a non-exception message to any system state program.
  • A user state program can send an exception type message (status, notify, or escape) to a system state program if one of the following is true:
    • The system state program is a request processor.
    • The system state program called a user state program.
      Note: The user state program sending the exception message does not need to be the program called by the system state program. For example, in this call stack, an exception message can be sent to Program A by Program B, C, or D:
      Program A    System state
      Program B    User state
      Program C    User state
      Program D    User state
  • When a user state program receives a message from an external source (*EXT), any pointers in the message replacement text are removed.
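
The sending rules above, modeled as a decision function for reviewing which sends level 50 permits. This is an added example, not IBM code: `Program`, `may_send` and the second call stack are constructed for illustration, and the model assumes "called a user state program" means the target's direct callee in the stack is user state.

```python
from dataclasses import dataclass

# Exception message types named on the page.
EXCEPTION_TYPES = {"status", "notify", "escape"}

@dataclass(frozen=True)
class Program:
    name: str
    state: str                       # "user" or "system"
    request_processor: bool = False

def may_send(stack, sender, target, msg_type):
    """Return (allowed, reason) for sender -> target at security level 50.

    stack lists programs from oldest call to newest. Assumption of this
    model: a system state target "called a user state program" when the
    entry directly after it in the stack is user state.
    """
    if sender.state == "system":
        return True, "system state sender"
    if target.state == "user":
        return True, "user state target"
    if msg_type not in EXCEPTION_TYPES:
        return True, "non-exception message"
    if target.request_processor:
        return True, "target is a request processor"
    if target in stack:
        i = stack.index(target)
        if i + 1 < len(stack) and stack[i + 1].state == "user":
            return True, "target called a user state program"
    return False, "exception message to system state program not allowed"

# Call stack from the page's note.
PAGE_STACK = [Program("A", "system"), Program("B", "user"),
              Program("C", "user"), Program("D", "user")]
# Constructed stack: SYS1 called another system state program, not a user one.
CONSTRUCTED_STACK = [Program("SYS1", "system"), Program("SYS2", "system"),
                     Program("USR1", "user")]

if __name__ == "__main__":
    for stack in (PAGE_STACK, CONSTRUCTED_STACK):
        target = stack[0]
        for sender in stack[1:]:
            ok, why = may_send(stack, sender, target, "escape")
            print(f"{sender.name} -> {target.name} escape: {ok} ({why})")
```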