IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Not under consideration
Workspace z/OS
Categories RACF
Created by Guest
Created on Sep 14, 2017

RELATED IDEAS

Allow allocation of RRSFLIST to be suppressed

RACF RRSF ALU command with AT or ONLYAT results in allocation of the RRSFLIST data set with limited naming conventions and no ability to suppress.

Idea priority Medium
  • Guest
    Reply
    |     Mar 1, 2023
    This item is a valid requirement but unlikely to be given high enough priority to be placed into the product plan. If this requirement is high value, please re-open it, or open a new requirement.
  • Guest
    Reply
    |     Oct 11, 2017

    Thank you for your comment and suggestion. In this situation, the userid belongs to a started task. Information Security does not assign a TSO segment to started tasks to limit the risk of the elevated privileges of the userid from being exploited.

    There is also no ALIAS for the userid, and that results in an attempt to catalog the data set in the master catalog (resulting in a security violation, as we protect the master catalog from update). If we were to define it, we'd need to manage the data set, as the started task performs many ALU commands per day.

    An ability to suppress the RRSFLIST seems to me to be a better approach.

  • Guest
    Reply
    |     Oct 10, 2017

    Have you considered setting a TSO prefix for the userid, then granting permission to that prefixed file? Are the messages that RRSF issues in the same scenario also a problem? Thank you.

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.