On Tue, 10 Sep 2019 15:19:46 +0000, Lennie Dymoke-Bradshaw wrote: >Tom, > >Please examine, > >http://publibz.boulder.ibm.com/zoslib/pdf/OA56180.pdf > >The above document states that the SAF access is required both to obtain and >to access the storage. I suspect some tricky work around the segment and >paging tables has been used to achieve this. Hence the 1M granularity.
Thank you for that reference, Lennie. I see that I was mistaken. -- Tom Marchant > >Lennie Dymoke-Bradshaw | Security Lead | RSM Partners Ltd >Web: www.rsmpartners.com >‘Dance like no one is watching. Encrypt like everyone is.’ > >-----Original Message----- >From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> On Behalf Of >Tom Marchant >Sent: 10 September 2019 15:27 >To: IBM-MAIN@LISTSERV.UA.EDU >Subject: Re: [IBM-MAIN] APAR OA56180 / RUCSA > >On Tue, 10 Sep 2019 09:54:43 +0200, Martin Packer wrote: > >>If you are enabled to use User-Key CSA via RUCSA I believe you "have a >>ticket to THE party", the ONE AND ONLY party. Meaning you can access >>other users' allocations of User Key CSA. > >If I understand it correctly, anyone can access RUCSA storage once someone >obtains it. The limitation is on who can issue GETMAIN (or STORAGE OBTAIN) for >user key CSA. > >-- >Tom Marchant ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN