From: "R.S." > > While the answer is simple: .. > 3. You can protect the volume by protecting every dataset on it, and > protecting the volume from new datasets creation. First is being done by > creating DATASET profiles (it is not hard job, unless you have mess),
Useless (as in totally nonfuntional) for indirectly catalogued datasets. These are generally resident on the only volumes in the shop you want to make "read only" - for example to protect the production copies of SMP targets that get hit during system updates. > the second is easily done by SMS ACS routines, or IGGPRE00 exit (sample > in SAMPLIB). Adjusting either for different resvols during build cycles would be a PITA - and too error prone. I doubt auditors would approve of such. Bruces solution offers the best result - *WAY* too complex for such a simple need IMHO. The Security Server (nee RACF) people should be held responsible for this little pool of quicksand. Last I looked ACF2 had a simple solution to this - same probably applies to TSS. As with most things, this has been hashed before - the archives will be relevant. Shane ... ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
