On 2/1/2006 4:39 PM, Chase, John wrote:
> Is there a "reliable" way, from within (specifically) the RACF IRREVX01
> command exit, to determine whether a particular command of interest was
> entered by a TSO user at a terminal or "submitted" from a program via the
> terminal services facility IKJEFTSR? The "submitter" program in this case
> would be a program running in a TSO user's session.
>
> The intended effect of this is to reject certain CONNECT commands to certain
> "firecall" groups except via the specific "submitter" program.

That sounds very tricky. The CONNECT command would be running in an
authorized subtask tree within TSO, and the original "submitter" program
would be running in another part of the subtask tree, with no obvious
connection between them that I know of. You could probably walk up the
TCB tree until you hit IKJEFT02's parent, then walk down some sibling
TCB chain until you reach the end, and then check the PRB and CDE to see
if you hit your submitter program.

However, even if you find that data, there's no information that I know
of that would allow you to determine that it is the copy of the program you
expected, rather than some other program with the same name, from some
other library. Possibly checking for a clean program control
environment would help, but that's not a documented programming interface.

I might suggest a different approach, with an APF-authorized submitter
program that invokes R_admin to do the CONNECT command. This lets the
submitter specify the user ID under which to run the command, and your
exit could simply check the ID the command is running under.

Walt Farrell, CISSP
z/OS Security Design, IBM