Establishing program control

Program control is the concept of having "trusted" applications. Your installation can define libraries to RACF where these trusted applications will reside. You can activate program control on your system by issuing the RACF command SETROPTS WHEN(PROGRAM). When program control is active, processes will be marked "dirty" if they attempt to load programs from libraries that are not trusted.

z/OS UNIX also has the concept of trusted applications. In the UNIX file system, executable files may be tagged with the program-controlled extended attribute. If a user issues a z/OS UNIX shell command or runs a program that does not have the program-controlled extended attribute, the process becomes "dirty"; in either case, the process is never "cleaned". That is, the "dirty bit" remains on, which will cause certain services to fail as a result.