Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

eTrust CA-ACF2 Version: 6.3, 6.4 OS: Z/OS, OS/390 Q: I have a generic 40 * s resource rule. Do I still need that?

ca-acf2 eTrust generic OS version
0
Posted

eTrust CA-ACF2 Version: 6.3, 6.4 OS: Z/OS, OS/390 Q: I have a generic 40 * s resource rule. Do I still need that?

0 CommentsAdd a Comment

1 Answer

0

A generic or 40 * ‘s resource rule is intended as a migration tool to help identify what SAF resources are being used and then write the appropriate rules. This generic rule should never be a permanent rule as it is considered a security exposure. If you still have a generic rule in place, you should take steps to remove it. To do this, first set it to LOG to determine if any resources are being validated through it. If you find validation being done, write specific rules for the resources in question. After a given time period (four to six weeks), delete the generic rule and rely on the specific rules from that point onward.

0 CommentsAdd a Comment
What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123