Well, iffin' it 'twere me. I'd likely tell the TSO user: "You must allocate the dataset thusly:" and give them the correct ALLOCATE with the SUBSYS parameter. I would then have RACF set up to disallow them any access to the dataset directly. I.e. put the burden on THEM.
For ISPF access, my assumption is that they only have BROWSE ability, not EDIT. I would set up an alternate "option 1" with something like: B - Browse a secured dataset. This would duplicate the function of browse, using the BRIF interface. Have this get its records via a DD name which is allocated with the SUBSYS parameter needed. -- John McKown Senior Systems Programmer UICI Insurance Center Information Technology This message (including any attachments) contains confidential information intended for a specific individual and purpose, and its content is protected by law. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this transmission, or taking any action based on it, is strictly prohibited. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
