>1) Is there another way to protect the OMVS environment > instead of using HFS Security under ACF2?
I admit, I don't have practical experience with "HFS security under ACF2", but I can't get rid of my bad feeling about this. If you're going to be using z/OS UNIX, you should understand UNIX security and what UNIX applications can do with it, and what they expect. I would not use anything else than permission bits and ACLs provided by z/OS UNIX file systems. Just my $0.02 >2) We would like to provide certain access to certain OMVS > directories for the outside client, is there a product > that will interface with CICS/TSO/IDMS that will provide > the security protection? I would always want to be able to exactly know who was doing what when people get "direct" access to data. This implies that users accessing data have to identify themselves with a unique userid. Now, if this access encompasses the UNIX file system, then users also need to identify themselves with a unique UNIX id, i.e. uid. I'd try to avoid implementing the default uid/gid whenever possible. Sooner or later you might start using NFS to access other UNIX server's data. All your users yould be seen as a single user by those servers. Probably not what you want. Just another $0.02 of mine, which makes it $0.04 so far. Budget is used up, so I'll have to stop here :-) -- Peter Hunkeler Credit Suisse ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
