On Thu, 5 Apr 2007 18:48:49 +0000, Ted MacNEIL <[EMAIL PROTECTED]> wrote:
>I do have a question, though:
>
>Why do YOU want member-level security.
>Just move the members to another (protected) library.
>
That can work in some very restrictive cases, Ted, but not all cases.
Consider, for example, using a concatenation for SYS1.PARMLIB, say you have
SYS1.PARMLIB.A and SYS1.PARMLIB.B, concatenated in that order.
Further, suppose that user A should have UPDATE authority to members A1, A2,
and A3, while member B should have UPDATE access to members B1, B2, and B3.
Yes, you could put A1, A2, and A3 in SYS1.PARMLIB.A and give user A access
to only that data set. And you could put B1, B2, and B3 in SYS1.PARMLIB.B
and give user B access to only that data set.
Problem: What stops user A from creating B1 in SYS1.PARMLIB.A?
Walt
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
