Take the following three program control steps to protect modules:

1. Use the RDEFINE command or the RACF® ISPF entry panels to identify the modules you want to protect. To define the modules to RACF, supply the name of the load module that you want to protect, the name of the data set that contains the load module, and the volume serial number of the volume that contains the data set. RACF adds each module that you identify to the profile for the PROGRAM general resource class.
   When you define the modules, you have several options:

   • If you want to define several modules at the same time, you can use asterisk notation. For example, DGT* represents all of the modules beginning with the letters DGT.
   • You can add an access list with user IDs or group names and their associated access authority to the profile.
   • You can define the UACC to give default access to all users or to none.
   • You can use the AUDIT parameter to set up or to bypass RACF logging.

   _______________________________________________________________

2. Use the PERMIT command to allow end users to execute an application, line operator, or command associated with a module.

   _______________________________________________________________

3. To prevent unauthorized users from copying a program, renaming it to a name that is unknown to the program control, and then executing the renamed program, you should protect the PDS libraries containing RACF-controlled programs with a UACC of NONE. In order for users to execute programs in these libraries, place the libraries in the LNKLIST concatenation. See z/OS Security Server RACF Security Administrator's Guide for more information.