|
- Authorized Commands and Programs
A load module library activated
by the TSOLIB command can contain unauthorized and authorized commands
and programs.
Authorized commands and programs: - Must have been link-edited with an authorization code of 1
- Must reside in an APF-authorized library
- Must be listed on the AUTHCMD, AUTHPGM or AUTHTSF
statements of SYS1.PARMLIB member IKJTSOxx before they can be invoked.
To allow authorized commands or programs to be invoked,
the entire concatenation of data sets must contain data set names
that reside in the APF-authorized library list. This means that, if
you activate a list of load module and program object libraries with
TSOLIB, every data set name representing a library must be named in
the APF-authorized library list.
- Direct entry from applications to TSO/E
Several applications,
like ISPF, allocate their own task libraries, for example ISPLLIB,
to be on top of the search order that TSOLIB set up. However, applications
also have a direct entry in to TSO/E environment. For example: - TSO/E service facility in
an isolated environment
- The TSO/E TSOEXEC command
- Authorized commands and programs
These use the search order that TSOLIB has set up.
- Access permission to libraries
If you have a security server
active on your system, ensure that you are permitted read or execute
access to the libraries TSOLIB is to activate.
|