The customer is on z/OS 2.2 upgrading to z/OS 2.3. The respond should be for both operating systems.
Customer is considering setting IBM parm OSPROTECT to a value of 1. By setting this value are there any issues with the product? If so, are there any ptf's that is required? I have included the IBM description of this parm below.
The OSPROTECT parameter specifies the operating system mitigation mode for unauthorized programs and users.
The operating system provides controls intended to help prevent unauthorized programs and users from being able to access restricted data using conventional means. Malicious or compromised unauthorized programs and users may use a security exploit to try to circumvent these controls and access restricted data. A mitigation mode determines whether the security mitigation is active or inactive. The operating system supports the following mitigation modes:
SYSTEM
Specifying SYSTEM activates the default mitigation mode intended to help prevent unauthorized programs and users from accessing restricted data using conventional means.
1
Specifying the number 1 activates mitigation mode 1, intended to help prevent unauthorized programs and users from being able to indirectly read restricted data. Mitigation mode 1 also includes the default mitigation mode (see SYSTEM). Mitigation mode 1 may have a minor impact to system performance and/or workload execution
Release : 14.0
Component : CA Vantage Storage Resource Manager z/OS r14.1 installed in a z/OS environment with IBM APAR OA54807 applied.