Referee Scott Fagen halts the contest at 2:30 of the 3rd round, for the
winner by TKO and STILL champeeeeen, Kiiiiiiiiidddddddd
Jaffffffffeeeeeeeeee!
----- Original Message -----
From: "Scott Fagen" <[EMAIL PROTECTED]>
Newsgroups: bit.listserv.ibm-main
Sent: Monday, December 10, 2007 4:43 PM
Subject: Re: MVS Command Authorization
Edward Jaffe wrote:
George Fogg wrote:
Seems like MGCEFAST is kind of like RACF truested where authority exits
are
bypassed and 99% of authority checks are passed just for issuing
commands
from
MGCRE.
MGCEFAST = Bypass SSI, command exits, and CMDAUTH.
MGCEFAST should be used only when that processing has already been done.
Precisely, Ed. MGCEFAST was created for things like cross system CPF and
CMDSYS processing to prevent such 'extra' processing. Checking and
auditing
twice wouldn't be too useful (and might be confusing!). Even worse would
be
the possibility of a command being infinitely routed about the sysplex as
a
command exit continually changed and caused the command to be forwarded
elsewhere...
Since MGCRE is an authorized service, enabling users to decide whether or
not such things are done is appropriate, since an authorized task could
likely do anything it wanted in determining its own security environment
(both for SAF and default MCS checking).
Scott Fagen
Enterprise Systems Mangement
(and one-time coder of MGCEFAST)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
