Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Controlling who can modify job attributes using the Job Modify SSI 85 z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|||||||||||||||||||||||||||||||
The Job Modify SSI 85 can be used to modify a variety of job attributes. Resources in the JESJOBS class control who can use the functions of the Job Modify SSI 85. Table 1 shows the format of these resources.
To control who can modify job attributes using the Job Modify SSI,
perform the following steps:
Note: Be sure that you do not have JESJOBS profiles that specify generic
job names or user IDs, and that provide access higher than Read. If
you created such profiles on a system earlier than z/OS® V2R1, the profiles only affected the ability
of users to cancel or submit jobs. But on a z/OS V2R1 system, those profiles might have
the unintended effect of allowing users to use the Job Modify SSI
functions to modify the attributes of a job.
To avoid this unplanned
access, look for JESJOBS profiles that match the resource names listed
in Table 1.
You can use the SEARCH command to list all of the profiles in the
JESJOBS class:
If you
find any profiles that match the resource names listed in Table 1,
use the RLIST command to list information about each of the profiles
found, and ensure that the UACC, access list, and audit options are
appropriate.
|
Copyright IBM Corporation 1990, 2014
|