YMMV, but we've been running with that APAR applied for well over a year
without any fallout and didn't define that RACF profile.
Pinnacle <mailto:pinnc...@rochester.rr.com>
September 18, 2017 at 2:04 PM
I'm looking at the HOLDDATA for OA49446. RACF was changed to do
authorization checks against ALIAS, PATH, and AIX names instead of the
base names. There was no migration path specified to get to this new
RACF state, except for a chicken switch
STGADMIN.IGG.CATALOG.SECURITY.CHANGE. If you have read access to that
FACILITY class profile, you use the "old" method and not this new
method. Did everybody just define the profile with UACC(READ)? That
seems easier than taking all the ICH408I's that could result the other
way if you use dataset ALIASes and AIX's. What did you guys do for this
"fix"?
Regards,
Tom Conley
--
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Please be alert for any emails that may ask you for login information
or directs you to login via a link. If you believe this message is a
phish or aren't sure whether this message is trustworthy, please send
the original message as an attachment to 'phish...@timeinc.com'.
--
Mark Jacobs
Time Customer Service
Global Technology Services
The standard you walk past is the standard you accept.
Lt. Gen. David Morrison
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
