ECPRIV parameter: Difference between revisions

From m204wiki
Jump to navigation Jump to search
m (misc formatting)
m (minor formatting)
 
(3 intermediate revisions by 3 users not shown)
Line 22: Line 22:


<tr><th><var>0</var></th>
<tr><th><var>0</var></th>
<td>End-users can issue only <var>External Call</var> statements; no other ECF statements are allowed.</td></tr>
<td>End-users can issue only <var>[[External Call Facility#External Call statement|External Call]]</var> statements; no other ECF statements are allowed.</td></tr>


<tr><th><var>1 </var></th>
<tr><th><var>1 </var></th>
Line 31: Line 31:


<tr><th><var>4</var></th>
<tr><th><var>4</var></th>
<td>Run under the job's external authorizer profile rather than that of the user that invoked an <var>[[External Call Facility#External Call statement|External Call]]</var>.  
<td>Run under the job's external-authorizer profile rather than that of the user that invoked an <var>External Call</var>.
<p>
<p>
This bit only has an effect under Model&nbsp;204 7.7 and later. Before Model&nbsp;204 7.7, <var>External Call</var> requests run under the job's authorization profile. As of Model&nbsp;204 7.7, <var>External Call</var> requests run under the invoking user's authorizer profile, unless the <var>ECPRIV</var> 4 bit is set. </p>
In Model&nbsp;204 version 7.6 and earlier, this bit does not exist, and <var>External Call</var> requests only run under the job's external-authorizer profile. As of Model&nbsp;204 7.7, the default changes (introducing a backward incompatibility), and <var>External Call</var> requests run under the invoking user's external-authorizer profile, unless this 4 bit is on. </p>
<p class="note">
<b>Note:</b> This bit is ignored for the [[External Call Facility#idcams|IDCAMS facility]], that is, the IDCAMS facility always runs under the invoking user's profile regardless of the <var>ECPRIV</var> setting.
</p>
<p>
<p>
This bit only has an effect if Model&nbsp;204 is using an external authorizer such as ACF2, RACF, or Top/Secret.</p></td></tr>
This bit only has an effect if Model&nbsp;204 is using an external authorizer such as ACF2, RACF, or Top/Secret.</p></td></tr>

Latest revision as of 18:01, 27 June 2017

ECF privileges

Summary

Default value
0
Parameter type
System
Where set
On User 0's parameter line
Related products
All
Introduced
Model 204 V5.1

Description

Specifies who can issue privileged ECF statements. All External statements, except External Call, are privileged.

Value Means
0 End-users can issue only External Call statements; no other ECF statements are allowed.
1 Any APSY user can issue privileged ECF statements.
2 Any non-APSY user can issue privileged ECF statements.
4 Run under the job's external-authorizer profile rather than that of the user that invoked an External Call.

In Model 204 version 7.6 and earlier, this bit does not exist, and External Call requests only run under the job's external-authorizer profile. As of Model 204 7.7, the default changes (introducing a backward incompatibility), and External Call requests run under the invoking user's external-authorizer profile, unless this 4 bit is on.

Note: This bit is ignored for the IDCAMS facility, that is, the IDCAMS facility always runs under the invoking user's profile regardless of the ECPRIV setting.

This bit only has an effect if Model 204 is using an external authorizer such as ACF2, RACF, or Top/Secret.

You can select multiple options by summing the values pertaining to each desired option.