ISPF daemon as a secure z/OS UNIX server

Provide the ISPF daemon UPDATE access to the BPX.SERVER profile to manage the security environment.

The ISPF daemon requires UPDATE access to the BPX.SERVER profile to create or delete the security environment for the client's thread.
Use the following commands to permit access by the ISPF daemon:
  • RDEFINE FACILITY BPX.SERVER UACC(NONE)
  • PERMIT BPX.SERVER CLASS(FACILITY) ACCESS(UPDATE) ID(STCISPF)
  • SETROPTS RACLIST(FACILITY) REFRESH
Attention: Defining the BPX.SERVER profile makes z/OS UNIX as a whole switch from UNIX level security to z/OS UNIX level security, which is more secure. This might impact other z/OS UNIX applications and operations. Test this before activating it on a production system. Refer to UNIX System Services Planning, (GA22-7800), for more information about the different security levels.