Well... I don't know about that (sysprogs). Probably - yes - from a pure security standpoint - but I was retiring a string of DASD one time and I screwed up the TMC (CA,'s) and it was a sysprog that saved my bacon. I suggested the only way out of the deal, but without his authority it would not have been possible.
All the best, Scott T. Harder -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]]on Behalf Of Ted MacNEIL Sent: Tuesday, May 05, 2009 7:39 PM To: [email protected] Subject: Re: ADRDSSU protection [was:RE: Using FTP to send loadlib] >Sorry, guys. In my world, Application Programmers have no business having access to Storage Management utilities like DSS. Period. That needs to remain a centralized function. ABSOLUTELY! Even sysprogs should not have access. Only those who are storage admins! Would you give RACF special to non-security types? Somebody pointed out that if you gave somebody OPERATIONS to an ID, they could do some damage. Well, don't give them the attribute! Doctor, it hurts when I do this. Well, stop doing that! - Too busy driving to stop for gas! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ____________________________________________________________ Put your loved ones in good hands with quality senior assisted living. Click now! http://thirdpartyoffers.netzero.net/TGL2241/fc/BLSrjpYWs6wKmg86SaEesgnY9HAjKwhtk0jWNSkd1onKuGDWcnG4VLG0KNS/ ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
