Reduce CPU time for UNIX file security especially if you have FSACCESS on

This item is a valid requirement but unlikely to be given high enough priority to be placed into the product plan. If this requirement is high value, please re-open it, or open a new requirement.

Thank you for submitting this requirement. It is accepted as an Uncommitted Candidate.

Due to processing by IBM, this request was reassigned to have the following updated attributes:
Brand - Servers and Systems Software
Product family - z Systems Software
Product - z/OS
Component - RACF
Operating system - IBM z/OS
Source - None

For recording keeping, the previous attributes were:
Brand - Servers and Systems Software
Product family - z Systems Software
Product - z/OS
Component - USS
Operating system - IBM z/OS
Source - None

I'm confused by your response.
Are you saying you leave it up to the External Security Manager (ESM) to call itself?
In this case z/OS UNIX is the caller and it should do a better job of not "over calling" the ESM for every directory traverse etc.

We use RACF but regardless of ESM the coding job to be done here is clearly by z/OS UNIX development.

We meet regularly with Bruce Wells. He is our RACF Lab Advocate.

Please feel free to follow up with him with additional questions as he can help facilitate a meeting to further discuss this much needed requirement.

There are no additional access checks made by z/OS UNIX when
FSACCESS is enabled. There is additional checking done
by the security product. Please indicate which security
product you use so this can be properly routed.

it's a real "resource eater"

Hello, I agree completely with this findings. The overhead is very high.
I don´t know how this caching can be implemented (if possible). Based on Process-ID or Job or Jobstep or Userid or whatever?