ENHANCED program security mode provides better security for the
use of PADS, program access to SERVAUTH resources, execute-controlled
programs, and optionally for UNIX servers
and daemons.
Rules:
- When you choose to run in ENHANCED program security mode, you
must identify the programs that you expect users to execute that make
use of PADS or program access to SERVAUTH resources, or run execute-controlled
programs.
- You must identify those programs to RACF® as
either MAIN (preferred) or BASIC programs to indicate your higher
level of trust in the way they operate. RACF restricts
the use of PADS, program access to SERVAUTH resources, and execute-controlled
programs to a program environment established by one of those programs.
This provides a more controlled, or restricted, environment for the
use of PADS, program access to SERVAUTH resources, and execute-controlled
programs. This further ensures that malicious users cannot misuse
the system to inappropriately gain access to protected data.