Authorization for USS app



All about SAF, RACF, encryption, Firewall, Risk assessment and integrity concepts

Authorization for USS app

Postby Shady » Thu Jul 08, 2010 9:34 pm

OK... I've to say I haven't really experience with RACF, I'm in training phase... So may this is a stupid question...
Is there a possibility to give a USS application a permit to a SAF, independent from the user which runs the application?
Thanks for answers!

Greetz
Shady
Shady
 
Posts: 9
Joined: Sat Mar 13, 2010 11:55 am
Has thanked: 1 time
Been thanked: 0 time

Re: Authorization for USS app

Postby Shady » Sun Jul 11, 2010 9:14 pm

Nobody an idea?
Shady
 
Posts: 9
Joined: Sat Mar 13, 2010 11:55 am
Has thanked: 1 time
Been thanked: 0 time

Re: Authorization for USS app

Postby Robert Sample » Sun Jul 11, 2010 9:34 pm

I'm not sure what you're asking so it is difficult to answer.

However, Unix System Services does support the use of daemons which in z/OS are started tasks running in their own address space. Such programs usually require RACF entries and connections to facilities completely independently of any user id.

If this is not what you're asking, could you please restate your question?
Robert Sample
Global moderator
 
Posts: 3719
Joined: Sat Dec 19, 2009 8:32 pm
Location: Dubuque, Iowa, USA
Has thanked: 1 time
Been thanked: 279 times

Re: Authorization for USS app

Postby Shady » Sun Jul 11, 2010 10:40 pm

The situation is...
We installed an addition SFTP server which is able to cut SMF records. This requires that the User which connects to the SFTP server have read permit to SAF BPX.SMF but we don't want that everybody get a read to the facility...
So may there be an other possibility to solve the problem, for example a permit or sth. to the SFTP server independent to the UserID..?
Hope you know what I mean^^
Shady
 
Posts: 9
Joined: Sat Mar 13, 2010 11:55 am
Has thanked: 1 time
Been thanked: 0 time


Return to Mainframe Security

 


  • Related topics
    Replies
    Views
    Last post