On 2017-04-24, at 12:20, Nims,Alva John (Al) wrote: > .... > ... you have to write to zFS first and then you can do a "!cp /<unix file> > //'CH2ICST.X.Y.R1'" (without the double quotes) to get it to MVS. > Why bother with a copy. Just leave it in zFS and adjust DD statements in subsequent jobs as needed.
With regard to John M.'s concern of "untold damage", the perpetrator can do nothing that couldn't be done by logging on to the z/OS account and executing the command there. If a security administrator has disabled shell on that z/OS account, there remains the need to similarly disable BPXWUNIX. Best just to limit the capabilities of that z/OS account: Protect the resources; don't rely on locking tools. That's how RACF works best. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
