Customizing the Z Data Tools security environment

Z Data Tools provides security for system-oriented functions through ®either RACF® (or an equivalent security product) or the HFMSECUR exit.

If RACF® or an equivalent security product is active, the System Authorization Facility (SAF) with the Z Data Tools enhanced security facility is used for access control and authorization verification. Authorization is controlled by Z Data Tools-specific profiles in the FACILITY class. See Setting up the security environment by using RACF or an equivalent security product for information on defining profiles. If you use another security product than RACF®, consult the documentation for your product to determine how to define the FILEM facility to your product.

RDEFINE FACILITY FILEM.DISK.*         UACC(READ)   or NONE
RDEFINE FACILITY FILEM.DISK.FULLPACK  UACC(NONE)
RDEFINE FACILITY FILEM.LOADMOD.UPDATE UACC(READ)   or NONE
RDEFINE FACILITY FILEM.TAPE.*         UACC(READ)   or NONE
RDEFINE FACILITY FILEM.TAPE.BLP       UACC(NONE)
RDEFINE FACILITY FILEM.VSAM.*         UACC(READ)   or NONE
RDEFINE FACILITY FILEM.OAM.*          UACC(READ)   or NONE
RDEFINE FACILITY FILEM.OTHER.ALL      UACC(READ)   or NONE

If RACF® or an equivalent security product is not active at Z Data Tools initialization time, all Z Data Tools special security checks during that Z Data Tools session are passed to the HFMSECUR user exit instead of to SAF.

To use HFMSECUR, it must be installed in the LPA. If the HFMSECUR module is required and it cannot be found in the LPA, an error message is displayed, and Z Data Tools will not initialize.

HFMSECUR is a customizable exit. It provides HFMS macros, which allow you to define a table of user names or job names, Z Data Tools-protectable resources (called profiles), and access levels. For information on HFMSECUR, see Setting up the security environment by using HFMSECUR.