You can use the utility verification feature of EDIF to see whether unauthorized programs are updating data sets and to prevent unauthorized updates from occurring. You can enable this feature by specifying OPTION=UTILITY on a DSORG, PREFIX, SUFFIX, PATTERN, or DATASET statement. During utility verification, EDIF compares the name of the program that issues an OPEN request to a list of programs authorized to update that data set. If that program is not on the list, then EDIF considers the OPEN request to be an update violation.
You can identify authorized programs using the AUTHORIZED parameter. For example, you can authorize programs IEWL and ISRUDA to update the SYS1.LINKLIB data set by specifying AUTHORIZED=(PROGRAMS=(IEWL,ISRUDA)) on that processing statement.
If you have listed authorized programs on a UTILITY statement, then you can specify the name of that UTILITY statement instead of listing the programs individually. For example, suppose that you assigned the name LOADLIB to a UTILITY statement for these programs. To authorize these programs, specify AUTHORIZED=(UTILITY(LOADLIB)) on that processing statement.
To detect update violations for testing purposes, We recommend that you specify OPTION=(UTILITY,SMF,SUPPRESSMESSAGES). This lets you identify data sets that are being damaged by unauthorized updates, without sending notification messages to TSO users and operators. You can then decide which programs to abend and which programs to authorize.
For example, to detect update violations for the SYS1.LINKLIB data set and record violations in an SMF record, specify the following statement in the EDIPARMS member:
DATASET NAME=SYS1.LINKLIB OPTION=(UTILITY,SMF,SUPPRESSMESSAGES)
To prevent unauthorized updates, specify OPTION=(UTILITY,ABEND). EDIF then abends programs that attempt to perform unauthorized updates. If EDIF detects an unauthorized update, then EDIF issues message MIM4002 to notify you about the update violation and message MIM4003 to notify you that the program has been abended.
Note: You should use extreme care when specifying the ABEND option on the DEFAULT statement or on any other statement that affects a large number of data sets. We recommend that you do not specify the SUPPRESSMESSAGES option to suppress notification messages when the ABEND option is in effect.
For example, to prevent unauthorized updates for the SYS1.LINKLIB data set and record update violations in an SMF record, specify the following statement in the EDIPARMS member:
DATASET NAME=SYS1.LINKLIB OPTION=(UTILITY,ABEND,SMF)
By default, EDIF uses abend code U913 when abending a program. To use a different abend code, specify a new code through the ABENDCODE parameter on the EDIINIT statement.
|
Copyright © 2014 CA.
All rights reserved.
|
|