[prev in list] [next in list] [prev in thread] [next in thread]
List: racf-l
Subject: Re: New Class - Jesjobs, BATCHALLRACF, TEMPDSN
From: Prakash Lalaram <prakash.lalaram () RIYADBANK ! COM>
Date: 2016-09-27 12:12:24
Message-ID: BCBC9312C8545048B64B9F97256F12D90124209D13 () ENTEXMBPRHOW2
[Download RAW message or body]
Many thanks for that - I was just preparing my email correspondence to inform all \
about the changes, and I will now include the Endevor team as well
Regards
Prakash Lalaram
Manager
IS Analyst
Tel.:+966-11-276-3000 Ext.: 2235 | Mobile.:+966-56-246-8228
prakash.lalaram@riyadbank.com
For clean environment, please avoid unnecessary printing.
-----Original Message-----
From: RACF Discussion List [mailto:RACF-L@LISTSERV.UGA.EDU] On Behalf Of Robert S. \
Hansel (RSH)
Sent: Tuesday, September 27, 2016 12:40 PM
To: RACF-L@LISTSERV.UGA.EDU
Subject: Re: New Class - Jesjobs, BATCHALLRACF, TEMPDSN
Prakash,
With regard to TEMPDSN, I should also mention that it can play havoc with Endevor. \
See RACF Tips article "TEMPDSN and CA-Endevor" via the URL below.
http://www.rshconsulting.com/racftips/RSH_Consulting__RACF_Tips__April_2009.pdf
Regards, Bob
Robert S. Hansel
Lead RACF Specialist
RSH Consulting, Inc.
617-969-8211
www.linkedin.com/in/roberthansel
http://twitter.com/RSH_RACF
www.rshconsulting.com
-----Original Message-----
From: Robert S. Hansel (RSH) [mailto:R.Hansel@rshconsulting.com]
Sent: Monday, September 26, 2016 6:19 AM
To: 'RACF Discussion List'
Subject: RE: New Class - Jesjobs, BATCHALLRACF, TEMPDSN
Prakash and Joel,
I would be hesitant to put UACC(ALTER) on the JESJOBS ** profile. It would allow \
anyone to cancel any job using the TSO CANCEL command. It would also allow anyone to \
manage any job via a product that used the new JES Modify Service. See our RACF Tips \
article on the JES Modify Service via the URL below. I'd be inclined to start with \
UACC(READ).
http://www.rshconsulting.com/racftips/RSH_Consulting__RACF_Tips__April_2014.pdf
There were other comments suggesting that you must wait until an IPL to activate \
TEMPDSN. While I would always wait until a system maintenance period before \
activating anything of this nature, activating it in conjunction with an IPL is no \
longer required if all your systems are at z/OS 1.13 or above. See our RACF Tips \
article on Temporary Dataset Protection via the URL below.
http://www.rshconsulting.com/racftips/RSH_Consulting__RACF_Tips__April_2012.pdf
Regards, Bob
Robert S. Hansel
Lead RACF Specialist
RSH Consulting, Inc.
617-969-8211
www.linkedin.com/in/roberthansel
http://twitter.com/RSH_RACF
www.rshconsulting.com
-----Original Message-----
Date: Sun, 25 Sep 2016 18:10:53 +0000
From: "Tilton, Joel" <jtilton@DTCC.COM>
Subject: Re: New Class - Jesjobs, BATCHALLRACF, TEMPDSN
G'Day,
In reverse order because of JESJOBS
JESJOBS!!!
It's a default RC of 08 class so you need to build a profile of ** UACC(ALTER) \
*before* you turn it on. Security by jobname is definitely a good thing though so \
keep heading in this direction. :)
TEMPDSN secures all temporary datasets.
I have seen different vendor products react to this with "strange" behavior over the \
years. So depending on what software you have installed you should check with the \
vendor to make sure they support it. I remember getting ICH408I messages for the \
temporary datasets themselves but of course there's nothing you can PERMIT to in that \
case. That was a rare case with an ISV product who's name I can no longer remember.
Regarding BATCHALL RACF I refer you to the post from Hayim Sokolsky on 9/6 @ 09:52 \
ET.
Joel Tilton
Senior Security Engineer
Mainframe Security Engineering (MSE)
Enterprise Computing and Communications (ECC) DTCC Tampa jtilton@dtcc.com
+1 813-470-2160
Visit us at www.dtcc.com or follow us on Twitter @The_DTCC and on LinkedIn.
To learn about career opportunities at DTCC, please visit dtcc.com/careers.
Classification: DTCC Non-Confidential (WHITE)
The views I have expressed in this email are my own personal views, and are not \
endorsed or supported by, and do not necessarily express or reflect, the views, \
positions or strategies of my employer.
Joel Tilton
Senior Security Engineer
Mainframe Security Engineering (MSE)
Enterprise Computing and Communications (ECC) DTCC Tampa jtilton@dtcc.com
+1 813-470-2160
Visit us at www.dtcc.com or follow us on Twitter @The_DTCC and on LinkedIn.
To learn about career opportunities at DTCC, please visit dtcc.com/careers.
Classification: DTCC Confidential (YELLOW)
-----Original Message-----
From: RACF Discussion List [mailto:RACF-L@LISTSERV.UGA.EDU] On Behalf Of Prakash \
Lalaram
Sent: Sunday, September 25, 2016 7:49 AM
To: RACF-L@LISTSERV.UGA.EDU
Subject: New Class - Jesjobs, BATCHALLRACF, TEMPDSN
Good Day
We are planning to activate the following classes
1. BATCHALLRACF
2. TEMPDSN
3.JESJOBS
I just need to know if all of the listed Classis's require a ** profile to be \
created when activating them
And besides the extremely knowledgeable RACF support people on this site, where else \
can I verify this. I am also looking at the
RACF Security Administrator's Guide SA22
Regards
Prakash Lalaram
Manager
IS Analyst
Tel.:+966-11-276-3000 Ext.: 2235 | Mobile.:+966-56-246-8228 \
prakash.lalaram@riyadbank.com
For clean environment, please avoid unnecessary printing.
هذه الرسالة و مرفقاتها (إن وجدت) تمثل وثيقة \
سرية قد تحتوي على معلومات تتمتع بحماية وحصانة \
قانونية . إذا لم تكن الشخص المعني بهذه الرسالة \
يجب عليك تنبيه المُرسل بخطأ وصولها إليك، و حذف \
الرسالة و مرفقاتها (إن وجدت) من الحاسب الآلي \
الخاص بك. ولا يجوز لك نسخ هذه الرسالة أو \
مرفقاتها (إن وجدت) أو أي جزئ منها، أو البوح \
بمحتوياتها لأي شخص أو استعمالها لأي غرض . علماً \
بأن الإفادات و الآراء التي تحويها هذه الرسالة \
تعبر فقط عن رأي المُرسل و ليس بالضرورة رأي بنك \
الرياض ولا يتحمل بنك الرياض ي مسئولية عن \
الأضرار الناتجة عن أي فيروسات قد يحملها هذ \
البريد
This message and its attachment, if any, are confidential and may contain legally \
privileged information. If you are not the intended recipient, please contact the \
sender immediately and delete this message and its attachment, if any, from your \
system. You should not copy this message or disclose its contents to any other person \
or use it for any purpose. Statements and opinions expressed in this e-mail are those \
of the sender, and do not necessarily reflect those of Riyad Bank. Riyad Bank Accepts \
no liability for any damage caused by any virus transmitted by this email.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic