On Tue, 10 Sep 2019 15:19:46 +0000, Lennie Dymoke-Bradshaw wrote:

>Tom,
>
>Please examine, 
>
>http://publibz.boulder.ibm.com/zoslib/pdf/OA56180.pdf
>
>The above document states that the SAF access is required both to obtain and 
>to access the storage. I suspect some tricky work around the segment and 
>paging tables has been used to achieve this. Hence the 1M granularity.

Thank you for that reference, Lennie. I see that I was mistaken.

-- 
Tom Marchant

>
>Lennie Dymoke-Bradshaw | Security Lead | RSM Partners Ltd  
>Web:              www.rsmpartners.com
>‘Dance like no one is watching. Encrypt like everyone is.’
>
>-----Original Message-----
>From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of 
>Tom Marchant
>Sent: 10 September 2019 15:27
>To: IBM-MAIN@LISTSERV.UA.EDU
>Subject: Re: [IBM-MAIN] APAR OA56180 / RUCSA
>
>On Tue, 10 Sep 2019 09:54:43 +0200, Martin Packer  wrote:
>
>>If you are enabled to use User-Key CSA via RUCSA I believe you "have a 
>>ticket to THE party", the ONE AND ONLY party. Meaning you can access 
>>other users' allocations of User Key CSA.
>
>If I understand it correctly, anyone can access RUCSA storage once someone 
>obtains it. The limitation is on who can issue GETMAIN (or STORAGE OBTAIN) for 
>user key CSA.
>
>--
>Tom Marchant

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Reply via email to