Installation management must ensure that the programs it includes in the RACF® authorized-caller table are both reentrant and protected so that users cannot modify code in these programs without prior review of the code by the installation management. Installation management should use RACF to protect their authorized libraries to ensure that only authorized users link edit programs into these libraries.

In addition, to avoid system-integrity problems, installation management must ensure that only authorized individuals, started tasks, or batch jobs are allowed to execute the programs whose names are included in the authorized-caller table.

You can use program control to control access to the program named in the authorized-caller table.

If you have placed the names of any other programs into the authorized-caller table, you should protect them using the approach outlined above. Additionally, it is highly recommended that you start planning to run those programs APF-authorized at your earliest convenience.