>Some characteristic might be better than jobname. What about jobclass? And I >still think about OWNER. Either production jobs run with job scheduler as OWNER, or job scheduler has sufficient authority to control the OWNER of submitted jobs.
Why OWNER? Userid is the common control for production (independent of job-name). >Some programmers might have both test and production IDs. The production IDs would have no RACF TSO segments, guranteeing that production jobs are not submitted from TSO sessions. Giving programmers production ID's is one heck of an exposure. >RACF profiles would severely limit test ID access to production data sets (likely read-only). In most (if no all) shops this is already restricted. And, usually, not even read only is allowed. >Much of the enforcement could be delegated to common RACF facilities, with less than the historical (pre-RACF technology) dependency on user exits sensitive to jobnames. Welcome to 1980! I know of nobody using jobname to protect access. But, I could be wrong! - Too busy driving to stop for gas! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
