On Feb 16, 2006, at 10:07 PM, tony babonas wrote:
I hasten to clarify, we restrict program usage, in our
case SAS, by restricting the load library from which it
is executed, for example our permission was written as
follows:
TSS PER( SASPROF ) DSN( HLQ.SAS.LOADLIB ) ACCESS(FETCH)
SYSID(ESYS)
Since our search algorithm is "merge, all merge" users
of SASPROF can only execute load modules from this
file, via only 1 lpar. Shops using "override, allover"
would be required to place SASPROF as the first profile
for each of its users.
Sorry for the initial misstatement.
tb
Tony,
I think SAS requires APF authorized library which you can control as
well .
If someone copies "sasprof" to another library(and renames it)
(along with any other modules) and the SAS program doesn't need (apf)
authorization it is still wide open, no?
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
