Many years back I IPLed my onepak system with RACF disabled to see what happened.Every access of a resource sent a reply prompt to the console for YES/NO.It took a while but I eventually got enough of MVS up that I could logon to TSO/E.I considered writing my own RACF exit that returned OK for every access request, but in the end I just built a default RACF data base for that system to use.Maybe SAF still works the same way. -------- Original message --------From: zMan <zedgarhoo...@gmail.com> Date: 5/5/22 00:51 (GMT+08:00) To: IBM-MAIN@LISTSERV.UA.EDU Subject: SAF without an ESM On https://www.ibm.com/docs/en/zos-basic-skills?topic=zos-what-is-saf , IBMsays:> System authorization facility or SAF is an interface defined by MVS™ that> enables programs to use system authorization services to control access to> resources, such as data sets and MVS commands. SAF either processes> security authorization requests directly or works with RACF®, or other> security product, to process them.Someone on r/mainframe asks what SAF does without an ESM. I'm thinking "notmuch", but the last sentence above sort of suggests otherwise--unless "SAFeither processes security authorization requests directly" means "returnsRC=0 in all cases", in which case it would be accurate but IMHO overlyvague. Thoughts?----------------------------------------------------------------------For IBM-MAIN subscribe / signoff / archive access instructions,send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
