Alternatives of HRECALL and I



IBM's Command List programming language & Restructured Extended Executor

Re: Alternatives of HRECALL and I

Postby chinkump » Thu Apr 04, 2013 9:22 am

Robert Sample wrote:chinkump, site security policies are generally set to allow access to protected resources (such as data sets) to those who need that access and prevent access to those who do not need the access. You have posted on this forum a number of questions basically asking how to bypass security at your site. Either you are attempting to do things you have been asked to do (in which case your solution is to go to your manager and get your access changed to allow you to do things like HRECALL on data sets), or you are attempting to do things that you are not allowed to do (in which the site security policy is working precisely as it is intended to do).

Asking for help in breaking site security on a forum is NOT a career-enhancing move. You need to either talk to your manager to be granted more access, or stop trying to access things you are not allowed to do at your site, or find a different job. The number and tone of the posts you have made raise questions about your true goals and definintely you should be addressing your issues with your site security group and / or site maangement, not us.
chinkump
 
Posts: 26
Joined: Fri Jan 20, 2012 10:48 pm
Has thanked: 3 times
Been thanked: 0 time

Re: Alternatives of HRECALL and I

Postby enrico-sorichetti » Thu Apr 04, 2013 11:12 am

I am trying to be proactive, and warn about and then deny the security violation happens !


while I agree with being proactive - just to add some more protection for the fat fingers syndrome

Your second objective is inconsiderate, since Your approach is not certified by the audit group
You are not in the position to deny anything, RACF reigns .
( there are gazillions of dat sets protected, and It will be difficult to keep in sync Your table with RACF )
so You should expect some violations

on the other side too many violations are just a symptom of carelessness of the users.
cheers
enrico
When I tell somebody to RTFM or STFW I usually have the page open in another tab/window of my browser,
so that I am sure that the information requested can be reached with a very small effort
enrico-sorichetti
Global moderator
 
Posts: 3006
Joined: Fri Apr 18, 2008 11:25 pm
Has thanked: 0 time
Been thanked: 165 times

Re: Alternatives of HRECALL and I

Postby Robert Sample » Thu Apr 04, 2013 2:33 pm

If I were a member of the site security group at your site, and I heard what you are trying to do, your employment would not last long. Call it "proactive" or whatever you want to call it -- you are wanting to prevent security access violation messages when a security access violation occurs, and that is attempting to bypass the security software's functions, period. No auditor I have worked with would sanction such activity as it goes counter to a number of principles of data center operation.
Robert Sample
Global moderator
 
Posts: 3720
Joined: Sat Dec 19, 2009 8:32 pm
Location: Dubuque, Iowa, USA
Has thanked: 1 time
Been thanked: 279 times

Re: Alternatives of HRECALL and I

Postby enrico-sorichetti » Thu Apr 04, 2013 2:45 pm

you are wanting to prevent security access violation messages when a security access violation occurs,


there is a language barrier here ...
the TS does not want to hide the message, he simply wants to prevent access himself
a quick and dirty remedy for the fat finger syndrome

and when I said
it seems to me that the TS is trying to be proactive, and warn about and then deny the access before it happens !

he confirmed it

and the best way to do it is not even to show the datasets in the datasets list using the proper ISPF exit
what You do not see it does not bite You in the *** ;)
cheers
enrico
When I tell somebody to RTFM or STFW I usually have the page open in another tab/window of my browser,
so that I am sure that the information requested can be reached with a very small effort
enrico-sorichetti
Global moderator
 
Posts: 3006
Joined: Fri Apr 18, 2008 11:25 pm
Has thanked: 0 time
Been thanked: 165 times

Previous

Return to CLIST & REXX

 


  • Related topics
    Replies
    Views
    Last post