Remark: UPDATE to catalog is nothing dangerous: it means you're
allowed to catalog/uncatalog datasets.
You allow your users to catalog someone else's data sets?
Try READ access, plus generic profiles covering the data sets that the
user should be messing with. The requirements for the various cases
are covered in the RACF documentation.
Sorry, Seymour, not true. The quote below is from a RACF manual, but
briefly it says that to CREATE a catalog entry you must have UPDATE
authority to the catalog PLUS authority to create the dataset. To
manipulate or delete a catalog entry, you must have ALTER to either the
dataset OR the catalog. So users must have UPDATE to the catalog
contining their datsets, but they must also have authority to the
dataset names to create the entries.
>From the RACF Security Admin Guide:
For cataloged data sets, creating, deleting, or renaming the data set
involves access not only to the data set profile protecting the data set,
but also to the catalog in which the data set is cataloged. In general,
users need the following:
O To add entries to the catalog, users need authority to create the data
set as specified below and UPDATE authority to the catalog.
O To delete entries from the catalog, users need ALTER authority to the
protecting profile or to the catalog.
--
Bruce A. Black
Senior Software Developer for FDR
Innovation Data Processing 973-890-7300
personal: [EMAIL PROTECTED]
sales info: [EMAIL PROTECTED]
tech support: [EMAIL PROTECTED]
web: www.innovationdp.fdr.com
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html