Denis I'm glad you managed to get your e-mail "block" situation resolved.
Also an apology for my last post. I see I misunderstood Radoslaw's point 2. He thinks your programmer is reading the files directly when I assumed the files were being read through the agency of the gethostbyname() - or similar - call, in other words, the official API. It would appear the programmer *is* using the API. Removing the gethostbyname() call is not really a solution so much as a "bypass" to your problem - as implied by Pat O'Keefe. An application programmer should be entitled to use the gethostbyname() call without being tripped up by the SAF (e.g. RACF) product. I already asked in this thread whether or not it really was a general requirement that that "read" access be granted to the "resolver" files when a sockets program needed to use "resolver" calls. As it is said, the silence was deafening! I'm going to try a separate thread in the IBMTCP-L list in order to try to stimulate some interest in these mysteries. I checked the IP Configuration Guide using the keyword "SAF" but nothing appears to have been noted on the topic. Chris Mason ----- Original Message ----- From: "Denis Gäbler" <[EMAIL PROTECTED]> Newsgroups: bit.listserv.ibm-main To: <IBM-MAIN@BAMA.UA.EDU> Sent: Friday, 24 November, 2006 10:35 AM Subject: Re: TCPIP Racf Protection for application? > Sorry for not answering, but my webmail account is blocked now from sending > emails to bama.ua.edu. > > However, removing the gethostbyname() call from the program did solve the > problem. If the application is using IP addresses the access to the TCPIP > datasets is not required anymore. > > Thanks to you all. > Denis. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html