On Thursday, 09/17/2009 at 04:00 EDT, "Gentry, Stephen" <stephen.gen...@lafayettelife.com> wrote:
> As mentioned in my question below, we have to format the defined temp
> minidisk every time. So, from that point of view, the data is gone. I
> didn't think of the DDR situation. However, a class G user would have to
> know where the T-DISK area is defined. They cannot issue a QUERY ALLOC
> TDISK or QUERY TDISK command. T-DISKs can be placed anywhere, so
> security by obscurity. I know that last comment won't fly with
> auditors, which is what got this whole curiosity going anyway. The auditor
> is primarily concerned with class G users.

The auditor's concerns are valid; if you do not enable CLEAR_TDISK, then a class G user can see residual data on a t-disk. Even if the user can't run DDR or ACCESS the disk, its contents are visible. If I get my way, ENABLE CLEAR_TDISK will become the default and you won't be able to change it. :-)

Alan Altmark
z/VM Development
IBM Endicott
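
For the audit question raised in this thread, an added example (not part of the original messages and not IBM code): a small Python check that reads a copy of SYSTEM CONFIG and reports whether a FEATURES statement enables CLEAR_TDISK. The sample configurations are constructed, and the parser assumes full keyword spellings, `/* */` comments, trailing-comma continuation, no system-qualifier prefixes, and that the last occurrence wins.

```python
import re

# Constructed sample SYSTEM CONFIG excerpt (not from a real system).
WEAK = """\
/* Constructed sample */
Features ,
   Disable ,                 /* Disable the following features */
     Set_Privclass ,
     Clear_TDisk ,           /* t-disks are not cleared */
   Retrieve ,
     Default 60 ,
     Maximum 255
"""
# Same excerpt with the setting corrected (also constructed).
FIXED = WEAK.replace("     Clear_TDisk ,           /* t-disks are not cleared */\n", "") \
            .replace("Features ,\n", "Features ,\n   Enable ,\n     Clear_TDisk ,\n")

def clear_tdisk_enabled(config_text):
    """Return True only if a FEATURES statement enables CLEAR_TDISK."""
    text = re.sub(r"/\*.*?\*/", " ", config_text, flags=re.S)  # drop comments
    statements, current = [], []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue                      # blank or comment-only line
        current.append(line)
        if not line.endswith(","):        # no trailing comma ends the statement
            statements.append(" ".join(current))
            current = []
    if current:
        statements.append(" ".join(current))

    enabled = False                       # treated as off unless the file turns it on
    for stmt in statements:
        tokens = [t.upper() for t in re.split(r"[\s,]+", stmt) if t]
        if not tokens or tokens[0] != "FEATURES":
            continue
        mode = None
        for tok in tokens[1:]:
            if tok in ("ENABLE", "DISABLE"):
                mode = tok
            elif tok == "CLEAR_TDISK" and mode:
                enabled = (mode == "ENABLE")  # assumption: last occurrence wins
    return enabled

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("FIXED", FIXED)):
        print(name, "CLEAR_TDISK enabled:", clear_tdisk_enabled(cfg))
```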