[prev in list] [next in list] [prev in thread] [next in thread] 

List:       racf-l
Subject:    Re: Preventing removal of RESTRICTED
From:       retired mainframer <retired-mainframer () Q ! COM>
Date:       2018-03-29 5:49:38
Message-ID: 013801d3c721$baa8cff0$2ffa6fd0$ () q ! com
[Download RAW message or body]

> -----Original Message-----
> From: RACF Discussion List <RACF-L@LISTSERV.UGA.EDU> On Behalf Of Gibney,
> Dave
> Sent: Wednesday, March 28, 2018 5:27 PM
> To: RACF-L@LISTSERV.UGA.EDU
> Subject: Preventing removal of RESTRICTED
> 
> I have programmers who have authority (via GROUP SPECIAL) to manipulate
the userids
> used by our batch work. Recently, one removed the RESTRICTED attribute.
> 
> Is there a way to make this authority more granular than GROUP SPECIAL?

People who cannot be trusted to use the authority properly should not have
it.  

In what way do these users need to manipulate the IDs?  There might be a way
to authorize the specific tasks without GROUP SPECIAL.
[prev in list] [next in list] [prev in thread] [next in thread]