Security considerations for the master terminal

The security of access from the master terminal is critical. Because the MTO can modify all security profiles during normal operations, you should consider protecting the terminal with a second level of control.

Signon verification security provides this capability. The primary question is how much capability to modify security should be given to this second level of control.

Default security does not and cannot prevent modifying the system's security profiles through the master terminal; however, you might want to restrict some commands from being entered from the MTO.

You can use the DFSCCMD0 exit routine to limit the commands that can be entered from the MTO.

Use the DFSCCMD0 exit routine to specify the commands that you want the MTO to be able to enter. The /ASSIGN, /CHANGE, and /DELETE commands are likely candidates to protect. For a cold start or warm start, the MTO can control the following security:
  • Signon verification security
  • Transaction authorization
  • Transaction command security
  • Command authorization

You can control these authorizations by making the specifications shown in the following table.

Table 1. Initialization EXEC parameters
Enforced security option Initialization EXEC parameter
Signon verification SGN
Transaction authorization TRN
Terminal security SGN
Command security RCF