You control access to the initial program specified in the transaction resource definition by authorizing the user to initiate the transaction (transaction-attach security). However, CICS® application programs can invoke other programs by means of the LINK, LOAD, and XCTL commands. Also, the load status of programs can be altered by the CICS RELEASE, ENABLE, and DISABLE commands. Note, however, that there is no separate security check on the RELEASE of programs loaded for task lifetime; the check is made on the corresponding LOAD.
You control access to programs invoked using these commands by defining profiles in the CICS application program classes, which you define to CICS on the XPPT system initialization parameter.
RDEFINE MCICSPPT (prog1, prog2, ..., progn) UACC(NONE)
                 NOTIFY(sys_admin_userid)
PERMIT prog1 CLASS(MCICSPPT) ID(userid) ACCESS(READ)
PERMIT prog2 CLASS(MCICSPPT) ID(userid) ACCESS(READ)

RDEFINE NCICSPPT cics_programs UACC(NONE)
                 ADDMEM(proga, progb, ..., progx)
                 NOTIFY(sys_admin_userid)
PERMIT cics_programs CLASS(NCICSPPT) ID(group_userid) ACCESS(READ)
If CICS finds that a program referenced on a LINK command is a remote program, it does not perform the security check in the region in which the LINK command is issued. The security check is performed only in the CICS region in which the linked-to program finally executes.
For example, if CICSA function ships a DPL command to CICSB, where the program then executes, CICSB issues the security check. If the DPL request is function shipped again to CICSC for execution, it is CICSC that issues the security check.
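The following added example (a toy model written for this page, not CICS or RACF code) traces the CICSA to CICSB to CICSC case and shows that a profile held only in the issuing region has no effect on a remote program. The names Region, link, REGIONS, PROGA, PROG1, USER1 and USER2 are hypothetical; the model assumes that the same user ID is checked in every region and that each region has its own set of profiles.

```python
# Added illustration: a toy model, not CICS or RACF code. All data is constructed.
from dataclasses import dataclass, field

@dataclass
class Region:
    name: str
    programs: dict                 # program -> remote region name, or None if local
    member_profiles: dict = field(default_factory=dict)  # program -> ids with READ
    group_profiles: dict = field(default_factory=dict)   # profile -> (members, ids)

    def authorized(self, userid, program):
        """Default deny (UACC(NONE)); READ comes from a member or grouping profile.
        RACF's handling of a program covered by both is not modeled."""
        if userid in self.member_profiles.get(program, set()):
            return True
        return any(program in members and userid in ids
                   for members, ids in self.group_profiles.values())

def link(regions, start, program, userid):
    """Follow a LINK to the region where the program executes.
    Returns (region that performs the security check, access allowed)."""
    region, visited = regions[start], set()
    while region.programs[program] is not None:  # remote here: ship on, no check
        if region.name in visited:
            raise ValueError("routing loop for " + program)
        visited.add(region.name)
        region = regions[region.programs[program]]
    return region.name, region.authorized(userid, program)

# Constructed topology matching the CICSA -> CICSB -> CICSC example.
REGIONS = {
    "CICSA": Region("CICSA", {"PROGA": "CICSB", "PROG1": None},
                    member_profiles={"PROG1": {"USER1"}, "PROGA": {"USER1"}}),
    "CICSB": Region("CICSB", {"PROGA": "CICSC"}),
    "CICSC": Region("CICSC", {"PROGA": None},
                    group_profiles={"CICS_PROGRAMS": ({"PROGA", "PROGB"}, {"USER2"})}),
}

if __name__ == "__main__":
    for prog, user in [("PROG1", "USER1"), ("PROGA", "USER1"), ("PROGA", "USER2")]:
        print(prog, user, link(REGIONS, "CICSA", prog, user))
```

USER1 is refused PROGA even though CICSA holds a permitting profile, because only CICSC, where the program executes, makes the check.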