Back to the original question...

This is almost more comparable to asking the question "Who can submit JCL
using the ID(s) used by Control-M/CA-7/other scheduler"?  I would dare say
that usually there are pretty tight controls... production
control/schedulers?

If there are tight controls on submitting JCL that is reviewed, controlled
or is really more of changing input control cards than submitting JCL...
then I might be more in favor.  If the answer is they can submit any old
JCL, then have one of them run an IEFBR14 that deletes something that an
auditor needs.  *ok.. so this might be extreme and possible CLM (career
limiting move)*... but actually showing the vulnerability might be better
than just talking about it.  No controls = not advisable.  The other item
is to tightly control what the CICS region ID can do... which should be
done anyway.  At least the damage someone can do will be relegated to items
confined to that CICS region.

Any of the JCL submission entry points is vulnerable without proper review
and controls.  There are almost always exits that can be used to modify
jobs to place controls.. not so popular (exits at least) any more.. but for
the right use.. might be the ticket.

YMMV.. good luck with changing ingrained, possibly dangerous behaviors
without management buy-in.
Or as they say in "The Princess Bride"
"Have fun storming the castle!"

Rob Schramm

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
