Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
RACF and z/OS UNIX z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
This topic describes using RACF® with z/OS UNIX. This topic describes factors to consider when using RACF to manage group identifiers (GIDs) and user identifiers (UIDs). It also describes how to map GIDs and UIDs to RACF group names and user IDs. The z/OS UNIX security
functions provided by RACF include
user validation, file access checking, privileged user checking, and
user limit checking. z/OS UNIX users are
defined with RACF commands.
When a job starts or a user logs on, the user ID and password are
verified by RACF. When an address
space requests an z/OS UNIX function
for the first time, RACF:
Additional reading:
Note: RACF program control
does not control programs that are executed in any way that bypasses MVS™ contents supervision, such as
load modules contained in z/OS UNIX files. Therefore,
loading a program from a z/OS UNIX file prevents
you from opening a data set in a PADS (program access to data sets)
environment, and prevents you from loading a program from an MVS library if you only have EXECUTE
authority. You should use program control to restrict access to any
programs, such as these, that provide facilities for bypassing MVS contents supervision. For more
information, see Protecting programs.
|
Copyright IBM Corporation 1990, 2014
|