Controlling the user library list
As a security precaution, you might want to make sure that the user portion of the library list has the correct entries in the expected sequence before a job runs. One method for doing this is to use a CL program to save the user’s library list, replace it with the list that you want, and restore it at the end of the application.
Here is a sample program to do this:
Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
PGM
DCL &USRLIBL *CHAR LEN(2750)
DCL &CURLIB *CHAR LEN(10)
DCL &ERROR *LGL
DCL &CMD *CHAR LEN(2800)
MONMSG MSGID(CPF0000) +
EXEC(GOTO SETERROR)
RTVJOBA USRLIBL(&USRLIBL) +
CURLIB(&CURLIB)
IF COND(&CURLIB=('*NONE')) +
THEN(CHGVAR &CURLIB '*CRTDFT ')
CHGLIBL LIBL(QGPL) CURLIB(*CRTDFT)
/*********************************/
/* */
/* Normal processing */
/* */
/*********************************/
GOTO ENDPGM
SETERROR: CHGVAR &ERROR '1'
ENDPGM: CHGVAR &CMD +
('CHGLIBL LIBL+
(' *CAT &USRLIBL *CAT') +
CURLIB(' *CAT &CURLIB *TCAT ' )')
CALL QCMDEXC PARM(&CMD 2800)
IF &ERROR SNDPGMMSG MSGID(CPF9898) +
MSGF(QCPFMSG) MSGTYPE(*ESCAPE) +
MSGDTA('The xxxx error occurred')
ENDPGMNotes:
- Regardless of how the program ends (normally or abnormally), the library list is returned to the version it held when the program was called. This is because error handling includes restoring the library list.
- Because the CHGLIBL command requires a list of library names, it cannot be run directly. The RTVJOBA command, therefore, retrieves the libraries used to build the CHGLIBL command as a variable. The variable is passed as a parameter to the QCMDEXC function.
- If you exit to an uncontrolled function (for example, a user program, a menu that allows commands to be entered, or the Command Entry display) in the middle of a program, your program should replace the library list on return to ensure adequate control.