IBM Support

PI19978: FM/CICS ENHANCEMENT ABILITY TO SECURE FM/CICS UPDATE FUNCTIONS FROM TSO/ISPF AND FM PLUGIN

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as new function.

Error description

  • FM/CICS Enhancement Ability to secure FM/CICS update functions
from TSO/ISPF and FM plugin

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED: All FM/CICS users.                           *
****************************************************************
* PROBLEM DESCRIPTION: 1.FM/CICS can read, modify and change   *
*                      the status of CICS resources.           *
*                      For CICS regions without resource or    *
*                      SET processing security there is a      *
*                      requirement to control the functions    *
*                      or processes that can be run using      *
*                      FM/CICS.                                *
*                      2.File Manager hangs when adding        *
*                      records to an auxiliary TS queue and    *
*                      there is no space to add any more items *
*                      3.FM/CICS isn't showing resources from  *
*                      remotely connected regions on a resourc *
*                      list or MSGFMNBB259 is being produced   *
*                      trying to access a remotely defined     *
*                      file.                                   *
****************************************************************
* RECOMMENDATION: Apply the provided PTF.                      *
****************************************************************

    



Problem conclusion


    

  • 



Temporary fix


    

  • 



Comments


    

  • File Manager has been enhanced to support resource security.
This security is activated when a user has read or more access
to the facility class profile:
FILEM.CICS.RESOURCE
If File Manager for CICS resource security has been activated
then a XFACILIT class profile in the following form will be
used to determine whether a user is authorized to perform
any given FM/CICS function against the resource.

FILEM.sysplex.applid.resource.resource_name

where
sysplex - is the current sysplex name.
applid - is the VTAM applid of the CICS region
resource - is FILE, TS, TD or ENQ - to identify resources File
Manager can process.
resource_name - is the File name, TS queue name or TD queue name

If this XFACILIT class profile is defined then READ access is
required for READ only functions like view, print. Update is
required for update functions like edit or FCH. CONTROL
is required to perform SET processing - like opening and closing
CICS files. For functions that read or update CICS files a
data set check will also be performed against the associated
data set name to ensure the user has the READ for read functions
and UPDATE for update functions.
See the associated documentation change for details on how this
can be set-up.

File Manager has also been modified to report the NOSPACE
condition when writing to a TS queue.


File Manager has been modified to ensure level change checking
is correct for remote system access.

Publication Closing Code: DEVCHNG

For the documentation changes associated with this APAR,
please refer to:
ftp://public.dhe.ibm.com/software/websphere/awdtools/
    filemanager/fmv12apar.pdf

The changes are to the following publications:

PUB ID        PUB NAME
------------  ----------------------------------------

SC19-3673-01  File Manager for z/OS V12R1 Customization
              Guide

The latest published manuals can be found at:
http://www.ibm.com/software/awdtools/filemanager/library/
       index.html.

    



APAR Information




    

  • APAR number
    PI19978
    • 

  • Reported component name
    FILE MANAGER Z/
    • 

  • Reported component ID
    5655W6800
    • 

  • Reported release
    C16
    • 

  • Status
    CLOSED  UR1
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2014-06-12
    • 

  • Closed date
    2014-11-03
    • 

  • Last modified date
    2014-12-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    
PI19473
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Modules/Macros


    

  • FMN0LVL  FMN0LVLJ FMN0LVLK FMN3LVL  FMN3LVLJ
FMN3LVLK

    




Publications Referenced


SC19367301    





Fix information


    

  • Fixed component name
    FILE MANAGER Z/
    • 

  • Fixed component ID
    5655W6800
    • 



Applicable component levels


    

  • RC1A  PSY  UI22706
       UP14/11/07  P  F411
    • 

  • RC1D  PSY  UI22708
       UP14/11/07  P  F411
    • 

  • RC10  PSY  UI22705
       UP14/11/07  P  F411
    • 

  • RC11  PSY  UI22709
       UP14/11/07  P  F411
    • 

  • RC16  PSY  UI22713
       UP14/11/07  P  F411
    • 

  • RC17  PSY  UI22714
       UP14/11/07  P  F411
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"C16","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSXJAV","label":"File Manager for z\/OS"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"C16","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 December 2014
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback