On 9/14/2005 1:45 PM, Bruce Black wrote:
Sorry, Seymour, not true. The quote below is from a RACF manual, but
briefly it says that to CREATE a catalog entry you must have UPDATE
authority to the catalog PLUS authority to create the dataset.
That is only true for non-SMS-managed data sets, as it turns out. See
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dgt2c140/5.2.1?SHELF=EZ2ZO10F&DT=20050616141325
or http://makeashorterlink.com/?B2E843DCB
The best description of the authorities you need will be in the DFSMS
books, not in RACF books. As DFSMS is the one that performs all the
checks, only they really know what the authorities are for the various
cases.
Walt Farrell, CISSP
z/OS Security Design, IBM
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
