Valid on z/OS and z/VSE.
Use PROGRAM to secure system programs and utilities.
When used with TSS ADDTO/REMOVE, this resource class has the following format:
TSS ADDTO(acid) PROGRAM(program)
One to eight characters
One to five prefixes per TSS command
When used with TSS PERMIT/REVOKE, this resource class has the following format:
TSS PERMIT(acid) PROGRAM(program)
One to eight characters
One to five prefixes or names per TSS command
This keyword is used with:
The administrator can use any of the following methods to control access to PROGRAMS: Expiration, Facility, Time/Day, and Actions. Sysid, Timerec, and Calendar restrictions are not supported.
Programs that are protected include: TSO commands, and those specified by 'EXEC PGM=program' in JCL statements; all programs executed internally via CALL, LINK, LOAD, XCTL, ATTACH, EXECUTE and CA‑IDMS programs.
This example protects the use of all system utilities, IEH5000 and IEASSST, by assigning ownership to the Corporate Department ACID, and subsequently PERMIT restricted access to users or profiles:
TSS ADDTO(CORPRAT) PROGRAM(IEH,IEASSST)
This example removes ownership:
TSS REMOVE(CORPRAT) PROGRAM(IEH,IEASSST)
This example permits use of the SUPERZAP program from Batch only:
TSS PERMIT(SYSAU2) PROGRAM(IMASPZAP)
FACILITY(BATCH)
This example revokes access:
TSS REVOKE(SYSAU2) PROGRAM(IMASPZAP) REMOVE
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|