AUTHLIB control statement

This control statement specifies the data set name of an authorized screen space (PROC) library. The library contains commands that should be invoked without security checks at the Classic Interface initialization.

Purpose

It lets you execute protected commands as part of the initialization screen without entering a password.

Recommendation: You should restrict WRITE access to the AUTHLIB data set because security checking for screens from this data set is bypassed.

Concatenate the data set that contains the authorized screens in your O2PROC DD statement. Note that the data set that contains the authorized screen libraries is not an APF-authorized data set.

Security checking resumes if one of these conditions occurs:

The Classic Interface fetches a screen from an unauthorized library
A screen is loaded into memory
A user enters any keystroke including a cursor movement

Important: If you create an authorized screen library and if you use the Classic Interface menu system, checking security causes initialization to fail if one of these conditions occurs:

The Classic Interface fetches a screen that contains an authorized command.
Therefore, the .FGO and .VAR commands should be unprotected.
The Classic Interface fetches a screen space that is loaded into memory.
Screen @ZSCRNDF loads screen spaces into memory.

Format

The format of the AUTHLIB control statement is:

AUTHLIB=dsname,VOL={volume|NOVOLUME}

where dsname denotes the name of the authorized screen library that you have created.

Keyword

VOL

Always required.

Specifies the volume serial where the specified data set resides and serves as an additional security measure.

You can specify a volume serial number even if the data set is cataloged.

If you do not want the additional volume serial number checking to be performed, specify NOVOLUME.