In <b87b659dd927674f9e6efedc85bd8cae762...@uknohp17.easf.csd.disa.mil>, on 04/09/2014 at 02:27 PM, "Storr, Lon A CTR USARMY HRC (US)" <lon.a.storr....@mail.mil> said:
>Due to an audit requirement, we shall be enabling the "ERASE" >function provided by RACF. Given your address, that's probably overdue. >2) Via a program that uses EXCPVR (or SSCH) I hope not the latter. You might have situations justifying direct use of STARTIO, but I can't conceive of a situation justifying bypassing IOS and doing your own SSCH, nor would I expect sympathy from IBM when (not if) things go tits up. >If the aforementioned is true and complete, the "ERASE" functionality >doesn't appear to have any practical purpose other than to slow down >the scratch process. So, I assume that I'm missing something. When you allocate a new dataset, you have access to the residual data on the tracks that it contains. You're probably configured to automatically write an EOF on the first track, but regardless there's an exposure for everything else. >Can a non-authorized user gain access to these "scratched" areas of >DASD? Yes; see above. It doesn't even require intent. -- Shmuel (Seymour J.) Metz, SysProg and JOAT ISO position; see <http://patriot.net/~shmuel/resume/brief.html> We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN