Mark Pace wrote:
I'm installing zOS 1.7, yes, still.
Part of the TCPIP IVP asks if I have a BPX.DAEMON environment. I don't
know, and I don't know how to figure it out. Where would I look to
determine if I have a BPX.DAEMON?
I believe, you should check RACF CL(FACILITY) profile BPX.DAEMON (such
profile should exist, or more generic profile, like BPX.**). The second
thing is program control over some TCPIP libraries. You should have
CL(PROGRAM) ** profile created, but pay attention at ADDMEM list. I
can't remember specific library names, but adding whole LNKLST is good idea.
Cautions:
1. BPX.DAEMON should have very limited access list. No human user should
have access. (access is READ/NONE).
2. "non-BPX.DAEMON" environment is not good also. It means that
everybody with UID(0) could switch his identity to any other user in
RACF (but the user must have UID also). In the past I wrote piece of C
code that "hacked" RACF using this hole. It is feasible and quite easy
to do.
--
Radoslaw Skorupka
Lodz, Poland
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
