On 23 Feb 2008 08:07:34 -0800, in bit.listserv.ibm-main
(Message-ID:<[EMAIL PROTECTED]>)
[EMAIL PROTECTED] (Walt Farrell) wrote:
I wouldn't have thought that there would be a security
issue with merely
interrogating an authorization level, but perhaps I'm
wrong...
One could argue that letting you determine your access to
resources without
actually trying to use them (and thus without causing
audit records) is a
form of hacking. You're looking around trying to figure
out what you can
do, rather than simply doing your job.
For your own userid, you can use LISTDSD or RLIST to
check resource authorization without cutting audit
records. But, unless you have sufficient RACF or APF
authorization, you can't check the access *someone else*
has to resources.
--
I cannot receive mail at the address this was sent from.
To reply directly, send to ar23hur "at" intergate "dot" com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
