> -----Original Message-----
> From: IBM Mainframe Discussion List 
> [mailto:[EMAIL PROTECTED] On Behalf Of Irwin M. Deutsch
> Sent: Tuesday, September 13, 2005 2:12 PM
> To: [email protected]
> Subject: RACF Stop/Start?
> 
> 
> Hi,
> 
> Our auditor has asked why we have not protected the command to 
> 'stop' RACF.
> Neither I nor our MVS gurus know of such an animal. I found 
> some STOP for
> RRSF in System Command manual, but that's just some part of RACF.
> 
> Any ideas on what our auditor is talking about?
> 
> 
> Thanks,
> 
> Irwin Deutsch
> AIG Sunamerica
> (DB2/CICS guy tinkering with RACF)

There is no way to stop RACF from doing its security work. Period. Well,
destroying the active RACF database will do it (been there, done that, not
fun!).

There can be a RACF started task. This started task has two functions.
The first is to allow a security administrator to log on to a z/OS
console and enter RACF commands such as ALU, LU, etc. as they would
normally do in TSO. The second is to act as an end-point for RRSF.

Your auditor is likely used to an ACF2 or TopSecret shop. If the ACF2 or
TSS started task is not running, then your security system is down and
things are nasty (I've done that too, I'm old and made many mistakes
over the years). RACF does not have this vulnerability.

--
John McKown
Senior Systems Programmer
UICI Insurance Center
Information Technology
