On Sun, 17 Oct 2010 01:08:52 +0200, Binyamin Dissen <[email protected]> wrote:
>Why on earth is the UTOKEN pointed to by CIBXUTOK in fetch protected storage? > >After all, the MODIFY interface is supported for non-privileged callers. Perhaps because (a) the CIB is in common storage and (b) the UTOKEN contains information (such as a group name and a SECLABEL name) that the installation might consider sensitive and want to keep private, rather than being visible to everyone running on the system. -- Walt Farrell IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
