Can anyone tell me why the IBM STRDBG command does not carry forward adopted authority? That is, if you're in debug and press F21 to bring up the IBM command line window, you loose the adopt authority rights. The security guide confirms this statement but does not tell me why. Is there a way around this problem?
Unconfigured Ad Widget
Collapse
Announcement
Collapse
No announcement yet.
Adopt authority and STRDBG (V4R4)
Collapse
X
-
Adopt authority and STRDBG (V4R4)
Frank, What you are seeing is a limitation of adopted authority. I believe that service special authority will get you around this limitation, but it is probably not a good idea to grant service authority just to get around this limitation. One alternative to adopted authority is to use primary group authority. With primary group authority you would use the chgobjpgp command specifying the primary group of the person requiring debug capabilities. Adopted authority is becoming less viable as a means of securing a system because of the variety of interfaces available today, primary groups are not as flexible, but they do work more consistently. David Morris
Comment