|
|
|
IBM distributes SMF with dummy exits that let system programmers later link edit out the dummy or exit stub and link in a real exit program. IBM‑distributed exit stubs have a byte length of 8 or 20 bytes. However, the only way you can be sure that you are viewing stubs rather than active exits is to obtain a copy of the exit object code and review it. Because SMF exits are normally found in LPA, you have to trace the library of origin. CA Auditor analyzes SMF exit code to determine if it is a stub.
You can use the SMF Exits Display (1.5.3) to obtain the name, description, and length of each SMF exit. An exit is flagged for review if it is not a stub or if CA Auditor detects possible tampering.
You can use the z/OS System Exit Display (3.3) to determine the library of origin of each exit. When you have this information, you can use the B (BROWSE) line command to review a copy of the object code. You need to review the object code yourself or have a member of the technical support staff perform a peer review of the code. When the review is complete, you can use the z/OS System Exit Display (3.3) to document the review, indicating proper approval.
You can also ensure that future changes to SMF exits are recorded by using the Program Freezer Display (5.5). You can also find it useful to make a copy of certain exits, using the ISPF/PDF Copy function. These copies can then be compared to later versions of the ISPF/PDF exits with the Program Comparison Function (5.3).
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |