-- snip -- With this in mind, is there something else protecting us from someone bypassing RACF program control with an unprotected copy of ISPF? Do the STGADMIN.** profiles in the FACILITY class protect the underlying functions? If so, is the RACF program control suggestion offer only a redundant protection? Or am I missing something else? -- snip --
RACF program protection can not only restrict the program call but also restrict the call to a specific library. I'm not sure I would call it redundant. For many users it may be enough protection. The STGADMIN. profiles offer a much finer level of protection - independent of where the ISMF load modules come from. It is what I always set up (especially to stop users making themselves into storage administrators). -- John ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
