z/OS Security Server RACF System Programmer's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Security considerations for the RACF parameter library

z/OS Security Server RACF System Programmer's Guide
SA23-2287-00

You should protect the RACF® parameter library by way of a DATASET profile. If you have not defined the RACF subsystem as trusted or privileged, make sure that it has READ access to the RACF parameter library.
Note:
  1. No OPERCMDS authority check is performed for commands issued from the RACF parameter library, and these commands run with the authority of the RACF subsystem address space user ID.
  2. An operator can issue a SET INCLUDE command to process a member that contains commands that the operator does not have authority to issue directly.
Parent topic: The RACF parameter library

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014