On 20/08/2023 8:53 pm, Mike Cairns wrote:
I worked at one site many years ago where the local specialist had actually
tested across multiple IPL's the necessity for each and every one of these
tasks to actually have the TRUSTED attribute and the conclusion was that many
of these did not actually need to be TRUSTED and could manage perfectly fine
using normal RACF access to resources granted via permissions to profiles.
I worked at a site which did a similar exercise. The risk is:
1) If the doc says it should be trusted, IBM are free to add functions
that require access to other resources without documentating them. It's
possible that IBM don't even consider what access would normally be
required for an address space they specify as TRUSTED, or test it
without TRUSTED.
2) There may be functions that are invoked only in unusual
circumstances, so you only find out that access is missing when you are
already dealing with a problem.
Not worth the risk, in my view (our security group disagreed!)
--
Andrew Rowley
Black Hill Software
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
