MVSFORUMS.com

AKRISHNA · Posted: Sun Jun 22, 2003 9:36 pm Post subject: Security for Sequential Files?

Hi All,
How can I secure a sequential file that I create, so that no other id can delete or overwrite it? Is it possible somehow? If someone runs a JCL with my file's DISP set to OLD and DELETE, all my data is gone! Sad

Regards,
AK

warp5 · Posted: Mon Jun 23, 2003 12:41 am Post subject:

This is a RACF issue or other security tool. Check with your RACF specialist.

prakal · Beginner Joined: 14 Mar 2003 Posts: 22 Topics: 1

You could try creating a PS with your userid as the first qualifier to protect datasets. But again this can be overridden by using security tools like RACF etc.

Prakal.

AKRISHNA · Posted: Thu Jun 26, 2003 7:53 pm Post subject:

Thanks Prakal and Warp5. I work on ROSCOE and not TSO. And the convention at our site is to have the VOL SER name as the first qualifier.

Thanks anyways, let me try these out. Very Happy

Regards,
AK

CaptBill · Posted: Fri Jun 27, 2003 3:49 pm Post subject:

It does not matter that you use ROSCOE over TSO. RACF is a security tool.

Do you have a security product at your shop?

AKRISHNA · Posted: Fri Jun 27, 2003 9:56 pm Post subject:

Hi CaptBill,
We do have RACF on our machine, but the pblm is that I work on our client's machine and I want to explore all the programmers' options before I go to the admin for some RACF relate help.

I cant have PS file names starting with my id prefix as it is against the naming standards! Sad

Regards,
AK

slade · Posted: Sat Jun 28, 2003 10:41 pm Post subject:

Hi AK,

With the warning that "reserving" resources for your sole use can get you into trouble with TPTB, you could try using a reasonable RETPD in your JCL when creating the file. It doesn't protect the file from overwriting but it does protect it from deletion.

But remember that the space or tape cannot be deleted by anyone until the retention period expires. If you abuse the feature you could become famous real quick.

Regards, Jack.

AKRISHNA · Posted: Sun Jun 29, 2003 7:04 pm Post subject:

Hi Slade,
Thanks for this input. However, I dont think I can try this, especially on my clients machine! Wink

Thanks anyways,
AK

slade · Posted: Sun Jun 29, 2003 11:29 pm Post subject:

Hi AK,

I'm afraid that if you're unable or unwilling to speak to the security admin about getting a password, you're doomed to roam the earth unprotected. Crying or Very sad

Regards, Jack.

taltyman · Posted: Tue Jul 01, 2003 3:38 pm Post subject:

volser the 1st qualifier????? Did they have a reason for that?

AKRISHNA · Posted: Mon Aug 11, 2003 1:50 am Post subject:

Hi Taltyman,

It is just a convention here to have the VOLSER name as the first qualifier.

Rgds,
AK

taltyman · Posted: Tue Aug 12, 2003 8:01 am Post subject:

The storage guys must really have fun when dasd gets replaced. In effect this convention makes the datasets named that way are unmovable and if they do get moved then the convention is invalid for that dataset or datasets. The system can find the dataset using the catalog without the need for a volser anywhere in the dataset name. I realize you can't do anything about this but that is one of the dumbest conventions I have ever heard of.