In a RACF® FACILITY class environment, permission to issue the HSENDCMD is not checked by DFSMShsm. Instead, permission to issue the command submitted by HSENDCMD is checked by DFSMShsm using RACF FACILITY class checking.
In an AUTH environment, if you are an authorized user, you can use the HSENDCMD command to issue any DFSMShsm operator, storage administrator, or system programmer commands from a TSO terminal, instead of from the system console.
In this AUTH environment, DFSMShsm allows an unauthorized user to use the HSENDCMD to issue the ALTERDS, BDELETE, and the QUERY commands. The subcommands ALTERDS and BDELETE are processed in the same manner as the HALTERDS and HBDELETE.
In a RACF FACILITY class environment, an unauthorized user can only use the HQUERY, HCANCEL, HBDELETE, and HALTERDS commands. Users no longer have access to any storage administrator commands unless the security administrator has given them access to those command profiles.