For whatever reason that I did it, the mode field on /etc/init.options is 700. When I run Co:Z (program COZLNCH), it tries to read this file. Why? No, the file does not contain any security data. But I always go with a "minimal access" philosophy. I don't see anything in that file which would be useful for anything other than "init". And I am a PITA when it comes to security.
--
John McKown
Why is /etc/init.options read?
/etc/init.options is the file that contains base environment variable settings.
Its seems like a z/OS bug that all processes don't inherit the init.options from the kernel, like other *nix systems - but they don't on z/OS!
Since Co:Z launcher is a batch job and doesn't run under a Unix shell, we read this file to pick up any installation environment variables, like TZ, LANG, etc. You can also configure environment variables using CO:Z
configuration properties, but we read /etc/init.properties to eliminate unecesssary redundancy.
If for some reason Co:Z cannot read /etc/init.options, then we issue a message an go on without. The most common problem is that the file is not world-readable. Since there should not be any sensitive information in this file, we recommend that you change the permissions to allow this:
chmod a+r /etc/init.options
We're open to suggestions as to a better way to handle...
We should probably try to submit a requirement to IBM to fix this
Its seems like a z/OS bug that all processes don't inherit the init.options from the kernel, like other *nix systems - but they don't on z/OS!
Since Co:Z launcher is a batch job and doesn't run under a Unix shell, we read this file to pick up any installation environment variables, like TZ, LANG, etc. You can also configure environment variables using CO:Z
configuration properties, but we read /etc/init.properties to eliminate unecesssary redundancy.
If for some reason Co:Z cannot read /etc/init.options, then we issue a message an go on without. The most common problem is that the file is not world-readable. Since there should not be any sensitive information in this file, we recommend that you change the permissions to allow this:
chmod a+r /etc/init.options
We're open to suggestions as to a better way to handle...
We should probably try to submit a requirement to IBM to fix this