Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Protecting DFSMSdss functions with RACF FACILITY class profiles z/OS DFSMSdss Storage Administration SC23-6868-01 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Besides protecting DFSMSdss/ISMF functions, you can also protect certain DFSMSdss keywords and functions. You do so by defining RACF® FACILITY class profiles and restricting access to those profiles. Table 1 lists these keywords and functions, and their associated RACF FACILITY class profiles. For
a given command or parameter, protection occurs when both of the following
conditions are met:
When the RACF FACILITY class is active and one of the profiles listed in Table 1 is defined, you must have READ access authority to use the indicated command or keyword. Otherwise, anyone can use the indicated command or keyword. If RACF FACILITY class checking is not set up for these keywords, any DFSMSdss user can use them.
You can bypass this type of RACF FACILITY class checking with the DFSMSdss installation options exit routine that your installation may be using. For more information about the installation options exit routine, refer to z/OS DFSMS Installation Exits. For more information about RACF class profiles, refer to z/OS Security Server RACF Security Administrator's Guide. |
Copyright IBM Corporation 1990, 2014
|