Suppressed ICH35003I - Discuss!

[lnlyssg]

@mainframed @ayoul3 I'm working on a system where the ICH* part of the message is being supressed so ELV.APF is only getting "NO RACF DESCRIPTION FOUND" without the preceding ICH35003I message (same for ICH408Is etc.) so it reports "NO RACF PROFILE" instead of checking further. I suspect this is a fringe case so didn't want to put a commit in to fix it at this point without discussing further.....

[ayoul3]

mm no error msg? we can always add another check if there is no ICH* message. Do you have a stable string we can use for comparison ?

[mainframed]

This was always going to be the challenge with using REXX and parsing TSO command outputs. @ayoul3 and I have some assembler modules (thanks to a friend, DS) and I've been debating writing an assembler ELV.APF but:

1. I'm not confident enough in my assembler skills to do it
2. I don't know where to start
3. I hate writting TN3270 stuff in assembler

There could be a way that we write a quick assembler stubb that the rexx compiles to a tmp dataset and then calls that for RACF checking.

[lnlyssg]

@ayoul3 I'm getting the text of the message, just without the preceding ICH35003I so it says "NO RACF DESCRIPTION FOUND FOR JIM.TEST.DATASET"

[mainframed]

Couldn't you just add that test to the 'check_priv' function? On this line?

https://github.com/ayoul3/Privesc/blob/master/ELV.APF#L200

Something like IF INDEX(OUT.1,"ICH35003I") >0 OR INDEX(OUT.1,"NO RACF DESCRIPTION FOUND") >0 THEN DO

[lnlyssg]

I currently have the below in place which works, if that looks OK to you I will submit a pull request this evening:

IF INDEX(OUT.1,"ICH35003I") >0 && ,                   
    SUBSTR(OUT.1,1,19) = "NO RACF DESCRIPTION" THEN DO