On 2/22/2006 3:50 PM, R.S. wrote:
In fact, RACF will never give you 100% confidence. Started tasks with
PROTECTED or TRUSTED attribute don't care about RACF profiles, there is
PPT, authorized code, etc.
Hardware feature is the only effective way.
FYI, you meant "PRIVILEGED" not "PROTECTED" above.
RACF exits will work to prevent even PRIVILEGED or TRUSTED STCs from
accessing data. However, you're right that the PPT could allow access,
or an authorized program could set the JSCBPASS flag, and OPEN would
never call RACF. So you're right that protection via RACF cannot be
%100 certain of making a "volume" read-only, though it may be "close
enough" in many cases.
Walt Farrell, CISSP
z/OS Security Design, IBM
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html