On Fri, 2 Apr 2021 13:26:07 +0000, Pommier, Rex wrote:
>
>I'm asking this from a "I don't know" standpoint because I've never used them.
> Doesn't RACF have extended ACLs that could possibly come into play here? As
>in using RACF to grant read or execute authority to the script? If so, how
>would that be shown? I would assume that the "normal" Unix security would
>remain at 700 but the extended ACL would allow the access and show up
>elsewhere?
>
But allowing access in that fashion seems to violate POSIX:
https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap04.html#tag_04_05
4.5 File Access Permissions
...
Implementations may provide additional or alternate file access control
mechanisms, or both.
An additional access control mechanism shall only further restrict the
access permissions
defined by the file permission bits. ...
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
