From an audit and security standpoint, exits are important for a number of reasons:
For example, SMF and JES2 exits can require that jobs use certain JCL parameters or can supply parameters that are missing. Some data centers have implemented support for whole new JCL statements.
Many exits receive control in supervisor state or can get it if they want to. This lets them look at or modify all system storage, even to the extent of disabling the access control software that the data center uses.
Exits can suppress audit trails.
The IEFU83, IEFU84, and IEFU85 exits can delete records that would otherwise be written to the SMF data sets.
The IEECVXIT exit can delete messages that would normally be written to the operator’s log.
The IEALIMIT exit can change the amount of main memory a job can use.
The IEFUTL exit can keep a job from being canceled when it runs out of time.
The IEFUSO exit can keep it from being canceled when it prints too many lines.
The IKJEFF10 and IKJEFF53 exits can control the jobs that TSO users can submit or cancel.
The IKJEFLD exit can control the ways TSO users can log on to the system.
Exits have so much control over things that they are often used as control points by access control software.
For example, the IEFU29 exit can issue a command to dump SMF data sets when they get full.
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |