No sure, Binyamin. A "need to know" is security rule of thumb. Why should a programmer or any other tso user which datasets are APF authorized, which are specified in LPA or Linlist? BTW, IBM recognized that this is a security issue and an ISPF panel is displayed requires YES to proceed.
ITschak On Fri, Jan 26, 2018 at 11:11 AM, Binyamin Dissen < [email protected]> wrote: > As this information is available to unprivileged programs, using SAF to > secure > it does not protect system integrity and is silly. > > On Fri, 26 Jan 2018 01:43:25 -0600 Andrew Metcalfe > <[email protected]> wrote: > > :>If you have a moment please review my RFE for ISPF's ISRDDN/DDLIST > function below. > > :>In summary it asks for SAF protection for some of the sub-functions such > as APF/DISASM etc. > > :>If you think it is a valid request please vote. > > :>If you think it's mad, please tell my auditors :-). > > :>http://www.ibm.com/developerworks/rfe/execute? > use_case=viewRfe&CR_ID=115532 > > -- > Binyamin Dissen <[email protected]> > http://www.dissensoftware.com > > Director, Dissen Software, Bar & Grill - Israel > > > Should you use the mailblocks package and expect a response from me, > you should preauthorize the dissensoftware.com domain. > > I very rarely bother responding to challenge/response systems, > especially those from irresponsible companies. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > -- ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Contiguous Monitoring for Legacy **| * ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
