Well, it might be as much work to manage, and so might not be what you want, but you could make use of the RACF DFP segments that everyone seems to ignore, which were designed originally to eliminate the need for programming ACS exit routines and things like FILTLISTs.
The DFP segment for the generic profile that will protect a new data set specifies a RESOWNER, which may be a user or group. Or, in the absence of a DFP segment, the high-level qualifier of the data set profile provides the RESOWNER value. The RESOWNER (a user or group) also has a DFP segment, which specifies the default management class, storage class, and data class for all new data sets created on behalf of that RESOWNER. The defaults can be overridden by JCL or IDCAMS constructs, or the ACS routines if you have them, but they could easily assign appropriate default values without the need to keep updating ACS routines or FILTLISTs if you have a data set naming convention that is amenable to this use. You might need to assign a few dummy user IDs or group names to hold DFP information, but then you can simply set the DFP segment for an appropriate DATASET profile to the proper RESOWNER, and get defaults for anything new protected by that profile, and you're using RACF's generics rather than coding FILTLISTs. (For some reason, it always seemed that the first (and possibly later) generations of DFSMS educators seemed to be more RACF-phobic than the DFSMS designers were, and so they seemed to actively discourage usage of these functions, instead preferring that storage management folks become programmers. Of course, it may be that they simply didn't want to have to understand RACF, and felt that storage administrators shouldn't have to, either. Thus my comment above that everyone seems to ignore these functions. But especially if you're in a shop where you do both RACF and storage functions, or if you're in a shop where you actually talk to your colleagues and have good working relationships with them, the use of DFP segments might help you.) -- Walt Farrell IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
