I started this thread in the RACF discussion group. I would like to protect some of the syscalls functions. for example, getpwent that returns information about users defined ()also) to racf. In order to retrieve information about a user in racf, you need to have attributes like special, (RO)Auditor at a global or group level, or have access to some functions (such listuser) that are protected by racf facility profiles. Is there a way to limit access to part of the functions? If not, why does IBM allow that? I know that this is a standard Unix behavior, but in the Z case, more information is retrieved.
ITschak ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Continuous Monitoring for z/OS, x/Linux & IBM I **| z/VM coming soon * ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
