Frank, By default a RACF userid can modify RACF dataset profiles which have a high-level qualifier of that userid. Also by default the RACF userid can create new data set profiles with the userid as the high level qualifier.
There are numerous way to alter this behaviour including use of GLOBAL profiles, RACF exits and products such as zSecure command verifier. So it really depends what else is present on your system. But by default you can create a generic profile to cover "your" data sets and then adjust the access list as you see fit using the PERMIT command. Lennie Dymoke-Bradshaw Consultant working on contract for BMC mainframe Services by RSM Partners 'Dance like no one is watching. Encrypt like everyone is.' -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Frank Swarbrick Sent: 06 November 2020 21:43 To: [email protected] Subject: Can a non-admin restrict others from viewing one of their own MVS data sets? In the Unix world one can use chmod (change mode) on their own files to make it so non-superusers cannot view a particular file. Is there anything similar for MVS data sets? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
