On Sat, 23 Feb 2008 20:32:13 -0600, David Eisenberg <[EMAIL PROTECTED]> wrote:
>And of course (as I indicated in my original post), I need to be able to do this >without producing a RACF violation if the user is not authorized to read the >resource. What you haven't said, though, is why you "need" to avoid a violation message. If the user has given you a data set name and asked you to operate on it, and he does not have the proper authority, then it is most appropriate to have the violation occur. And it's most appropriate to get that violation by simply acceding to the user's request and trying to operate upon the data set as he requested. If the user has not asked you to operate on the data set, why are you doing so? Perhaps it would help if you explained your application's purpose. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
