Path: utzoo!attcan!uunet!lll-winken!lll-tis!ames!mailrus!tut.cis.ohio-state.edu!rutgers!elbereth.rutgers.edu!hardees.rutgers.edu!patterso From: patterso@hardees.rutgers.edu (Ross Patterson) Newsgroups: comp.os.misc Subject: Re: MVS question Message-ID:Date: 12 Jul 88 03:10:48 GMT References: <502@etive.ed.ac.uk> Organization: Rutgers Univ., New Brunswick, N.J. Lines: 23 (a) The bit is there, but undocumented in User manuals. Look in one of the System Programming Library (SPL) books (SPL: Data Management probably, otherwise SPL: Job Management). (b) JSCBPASS is a relic, but it still does what it says. Fortunately, not even IBM regards OS Password Protection as data security anymore. What JSCBPASS does is let all programs running under that Job Step open Password Protected datasets (marked with the PROTECT bit in the Format 1 DSCB (DS1PROT?)) without requiring either the operator or the TSO user to supply the password, which may be found in clear text in a file called PASSWORD on the sysres disk. Like I said, real bloody secure. [As an aside to the non-MVS folks out there, the JSCB (Job Step Control Block) exists in protected storage, and to alter it (such as turning on the JSCBPASS bit) one must first be an authorized program (such authorization is under installation control). (c) Something else. Other than as an excersize in early 1960's, batch DP data security, what it is is worthless. Your friendly System Programmers were correct in not reading OPEN to look for an answer. Ross Patterson Rutgers University Center for Computer and Information Services Sometime MVS Systems Programmer and Historian