Look up Access Lists and the UNIX setfacl command. But having shred fulesystems where the UIDs and GIDs differ is just asking for headaches.
Imagine, in your case, if you had different RACFs and Group access on the two systems. I worked at a place which did that, supposedly so that they could easily track what a given person did on which system. On Wed, Jun 14, 2023, 17:05 Frank Swarbrick <[email protected]> wrote: > Yes. > > I have no idea. I certainly wouldn't know how to do something "backdoor" > with this. > > Yes. Me. > ________________________________ > From: IBM Mainframe Discussion List <[email protected]> on behalf > of Paul Gilmartin <[email protected]> > Sent: Wednesday, June 14, 2023 3:17 PM > To: [email protected] <[email protected]> > Subject: Re: Unix file system ownership > > On Wed, 14 Jun 2023 20:12:45 +0000, Frank Swarbrick wrote: > > >Well this was easy. My security admin gave my production user the same > UID value as in test/dev and everything fell in to place. > > > Are the TSO IDs the same? > > Does this give your test/dev user a back door to your production system? > > Are these the same person? > > -- > gil > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
