On Tue, 25 Mar 2025 13:18:54 +0000, Smith, Sean M <[email protected]> wrote: >We are looking to use RACF program control to limit use of a program to >specific LPARS.
"RACF program control" only keeps honest people honest. Vendors don't use this form of protection because no matter how hard you try, there is always a way around it (e.g. program alias, copy module to another library or ...). You haven't given any requirements so this being security, we must assume the worst possible situation where your program is IEFBR14 which does nothing secured. The most common methods we use would be APF, SVC or PC routine. APF & SVC aren't useful because no authorized instruction is executed. When using space-switching PC routine, the module is invisible to the caller but you would need to ensure the module is not accessible through other means (e.g. library is not read and execute protected). ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
