W dniu 21.08.2022 o 14:09, kekronbekron pisze:
IMHO JES will not allow any job without RACF userid.
It's not a matter of opinion..
Haven't you seen jobs or ad-hoc STCs show up with a 'Owner' of ++++++++ ?
I don't know entirely, maybe +++++++ is defined as an ID by default in some/all
ESMs.
What about JES(BATCHALLRACF)? Can you comment it? Doesn't it work?
Regarding ++++++++ - yes and no. Yes, I've seen it. No, NOT IN MY SHOP.
It is not good idea to have NJE with untrusted nodes.
True, however, it's not about expected nodes.
Some years ago, I've seen a script called iNJEktor or something.
It'll try to brute force connect to nodes.
If I'm remembering right, after we all witnessed the song & dance about this
script, IBM added some extra security measures for NJE.
Expected nodes? Are they any unexpected ones?
This is part technical problem (do no allow them) and part
organizational. The second one is very serious, because it means lack of
control over whole mainframe environment.
--
Radoslaw Skorupka
Lodz, Poland
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
