unixmap



All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

unixmap

Postby frogerc » Wed May 26, 2010 5:13 am

Hi everyone.

Two questions, first, I use UNIXMAP to have control on the OMVS asigning, UID and GID. But I have heard that IBM recomends to don´t use it anymore...
Is this correct?

If I still use UNIXMAP is it correct to have more than 1 user using a UID? Or more than one group using a GID?

Thanks
frogerc
 
Posts: 6
Joined: Wed May 12, 2010 7:47 pm
Has thanked: 0 time
Been thanked: 0 time

Re: unixmap

Postby Robert Sample » Wed May 26, 2010 6:52 am

I think VLF (virtual lookaside facility) is IBM's preferred method of doing Unix id look ups, but it doesn't appear that UNIXMAP will be going away any time soon.

It is never a good idea to have multiple people sharing a user id or multiple groups sharing a group id. This violates security standards and does not allow for identification of who did what.
Robert Sample
Global moderator
 
Posts: 3719
Joined: Sat Dec 19, 2009 8:32 pm
Location: Dubuque, Iowa, USA
Has thanked: 1 time
Been thanked: 279 times

Re: unixmap

Postby frogerc » Tue Jun 08, 2010 10:43 pm

Thanks Robert

I'll look to VLF.
frogerc
 
Posts: 6
Joined: Wed May 12, 2010 7:47 pm
Has thanked: 0 time
Been thanked: 0 time


Return to Mainframe Security