Hi, how can we force the effective userid in z/OS Unix to be set to the real end user's userid, instead of that of the STC, in multi-user address spaces (such as IMS MPR or CICS)?
Say user FOOBAR starts an IMS transaction. The IMS MPR runs under user IMSMPP. If the transaction uses any Unix System Services, such as mkdir (BPX1MKD), Unix will always take IMSMPP as the effective userid. This is evil. What's worse, you can't even change the effective userid with seteuid, unless you grant BPX.DAEMON to IMSMPP. Ideally, I'd like to prevent the transaction from calling any Unix services under userid IMSMPP (using RACF, or IMS or Unix configuration). Regards, Boris ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
