Exits

Exits within z/OS and vendor products allow for legal modifications to the system without changing IBM or vendor code. This flexibility, however, provides the deceptive programmer with several opportunities to exploit the system.

The auditor should obtain a complete inventory of exits. Before these exits can be judged as exploitative, the auditor must be familiar with coding at the assembler level.

Exits exist in almost all portions of z/OS. Potentially vulnerable exits include, but are not limited to:

CICS
IMS
RMF (ERBMFIUC/MFDUC/TRACE/MFRUR)
VTAM
UTILITIES
WTO (change route codes, remove messages)
JES (upwards of 20 exits)
DSF (ICKUSER1 ‑ data security)
DFP
HSM
DADSM (IGGPRE00, IGGPOST0)
RMF
SMF (IEFUJV/UJI/USI/U29/UJP/U83/UJI/ACTRT)
DCB
VSAM/IDCAMS (exception exit)

Note: Most of these exits allow execution in privileged state.