ca.portal.admin

Security on //SYSCTL access

Discussion created by ca.portal.admin on Jun 15, 2007
Latest reply on Jun 15, 2007 by ca.portal.admin
In our IDMS environment, there is no subschema security and programmer
IDs into prod typically have batch update access (no subschema
security).

Online update access is restricted through task access control (no DMLO)
and batch update access is controled by restricting read access to the
SYSCTL file to controled proxy IDs whose use is monitored.

The question now is to determine if there's a way to prevent someone
from copying the test SYSCTL file to our prod environment, zapping the
CV number reference to the prod CV and employing that to access
production. (Our production and test CVs use the same SVC number on
different LPARs.)
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Security on //SYSCTL access
"In our IDMS environment, there is no subschema security and programmer
IDs into prod typically have batch update access (no subschema
security).

Online update access is restricted through task access control (no DMLO)
and batch update access is controled by restricting read access to the
SYSCTL file to controled proxy IDs whose use is monitored.

The question now is to determine if there's a way to prevent someone
from copying the test SYSCTL file to our prod environment, zapping the
CV number reference to the prod CV and employing that to access
production. (Our production and test CVs use the same SVC number on
different LPARs.)
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Linking ADS built-in functions with ADSOMAIN
"Based on advice from this list (thanks!), I have linked the BIF's with
ADSOMAIN. We are seeing an average 5% reduction in CPU use for ADS
dialogs. Since our mainframe is nearing capacity once again, this is a
welcome change. The improvement per dialog varies widely, depending on
how heavily BIF's are used.

Can we pull this trick again by linking any other load modules together?

Kay Rozeboom
State of Iowa
Information Technology Enterprise
Department of Administrative Services
Telephone: 515.281.6139 Fax: 515.281.6137
Email: Kay.Rozeboom@Iowa.Gov
"
IDMS Public Discussion Forum
IDMS-L@LISTSERV.IUASSN.COM
SMTP
IDMS-L@LISTSERV.IUASSN.COM
IDMS-L@LISTSERV.IUASSN.COM
SMTP








Normal

Normal
Re: Security on //SYSCTL access
"Thanks Gary but I was hoping for a quick fix. We don't currently have
DB resource security set on but we may have to. Another respondent
mentioned a fix using a system (z/OS?) exit that restricted //SYSCTL DD
usage to specific datasets but we would probably employ a remedy using
IDMS.

Outcomes