Security

There are two general types of REXX/CICS File System security: file access security and command execution security.

  • File access security controls access to execs and data. RFS file security can be controlled at two levels; the CICS® level, and at the RFS directory level.
    1. At the CICS level, authorization to access file pool VSAM files can be given to specific users. This gives a high level of security.
    2. At the RFS directory level, user directories are private directories and can be accessed only by the owning user (by default).
    However, the owner of a directory can use the RFS AUTH command to define a directory as being publicr, publicw, or secured. publicr means any other REXX/CICS user has read/only access to this directory. publicw means any other REXX/CICS user has read/write access to this directory. secured means that the RFS security exit will be invoked to determine whether access should be allowed. For more information, see the RFS AUTH command, AUTH. Non-user directories can be created and their access levels defined by an authorized user.
  • Command execution security controls the use of certain REXX/CICS commands, or command keywords. For more information, see Security.