> -----Original Message----- > From: IBM Mainframe Discussion List > [mailto:[EMAIL PROTECTED] On Behalf Of David Eisenberg > Sent: Friday, February 22, 2008 2:43 PM > To: [email protected] > Subject: Re: Newbie RACROUTE question: how to *test* authorization? > > > >Another way is to issue a RACROUTE REQUEST=EXTRACT< > >LOG=NONE< > > Am I correct when I say that both of these solutions require > APF-authorization > (or similar)? Might there be a way that would not require this? > > I wouldn't have thought that there would be a security issue > with merely > interrogating an authorization level, but perhaps I'm wrong... > > David
Yes, almost any RACROUTE function requires APF authorization. It could be considered a security breach otherwise because if anybody could do it, they could possibly find which RACF ids to target in order to get the access that they want to specific resources, rather than attempting to crack random IDs and hope for access. -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology The information contained in this e-mail message may be privileged and/or confidential. It is for intended addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or other use of this communication is strictly prohibited and could, in certain circumstances, be a criminal offense. If you have received this e-mail in error, please notify the sender by reply and delete this message without copying or disclosing it. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
