NOTICE: All information in and attached to the e-mail(s) below may be proprietary, confidential, privileged and otherwise protected from improper or erroneous disclosure. If you are not the sender's intended recipient, you are not authorized to intercept, read, print, retain, copy, forward, or disseminate this message. If you have erroneously received this communication, please notify the sender immediately by phone (704-758-1000) or by e-mail and destroy all copies of this message (electronic, paper, or otherwise). Thank you.
Didn't gethostbyname require, or at least used to require, the datasets below? My guess is the SYS1.TCPPARMS below might be the SYSTCPD card. The SYS1.TCPIP.HOSTS.SITEINFO would be based on DATASETPREFIX in SYSTCPD. -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of R.S. Sent: Wednesday, November 22, 2006 8:37 AM To: [email protected] Subject: Re: TCPIP Racf Protection for application? Denis Gäbler wrote: > Hi, > > there is a COBOL application which is supposed to do TCP/IP calls > nowadays. When starting the application (TCPIPAPP) it requests READ > access to the following datasets: > SYS1.TCPIP.HOSTS.SITEINFO > SYS1.TCPPARMS > The application is started with the callers Userid. > > > Are there better solutions, ideas for that? IMHO there are two choices: 1. Follow Rob's advice and narrow down the scope of persons able to READ those datasets. You can still try PADS (when program), however PADS could be difficult to set up, unless you run the program in batch. Anyhow some users will need access to "tcpip" datasets. 2. I'm not expert, however I suspect the application can be redesigned so it won't require access to any tcpip dataset. Those datasets are probably required to read current tcpip configuration which can be obtained through command or API. IMHO reading configuration from files is error-prone - there is always possibility to read wrong (i.e. obsolete) one. -- Radoslaw Skorupka Lodz, Poland ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
