Joined: 01 Sep 2006 Posts: 2136 Location: Silicon Valley
Your use of the rexx program is not clear to me. They already have to have access to the rexx program in order to execute it. I think you need to define your permissions ahead of time, before they try to execute the rexx program.
Though, I do not think this is a good scheme. For example, if the rexx program reads some secret data set, it is the data set that needs to be protected, not the rexx program.