UUSEX1 - USDLIB Security Exit

UUSEX1 is a user-written routine called by the USDLIB utility program each time before contents of a single SD file are displayed or zapped, or an SD file is deleted.This routine allows you to define security restrictions on the access of SD files. Possible uses include:

  • To MESGSW a record recording the access of an SD data set;

  • To restrict access to SD files that may contain sensitive information;

  • To restrict use of subfunctions, for example, zap or delete.

Because the UUSEX1 module is only loaded once per invocation of USDLIB, internal switches can be set and referred to.

A dummy UUSEX1 module is distributed with the Com-plete system as a member of the distribution source library and the distribution load library.

Note:
No security exists for USDLIB functions unless it is established by you.

This document covers the following topics:


How to Use UUSEX1

Upon entry to UUSEX1, a set of parameters is received in the form of fullword addresses pointed to by register 1. Word 1 contains the address of a halfword return code to be initialized in the exit. A value of 0 allows access; a value of 4 disallows access. Word 2 of the parameter list contains the address of a six-byte field containing the name of the SD file being accessed. Word 3 of the parameter list contains the address of a two-byte field containing the TID number of the SD file A value of binary zeros means that the SD file was created with SHR status. Word 4 of the parameter list containes the address of an one-byte field containing the USDLIB subfunction code.

To define security, check which SD file is being accessed, check the subfunction being executed, and set the return code to indicate acceptance or rejection.

Upon return from UUSEX1, the return code area is examined by USDLIB. If the return code is not zero, the operation is aborted and a security violation message is issued.

UUSEX1 Conventions

The following table summarizes the UUSEX1 linkage conventions.

Feature Convention
Attributes Reentrant if in a resident area.
Type Thread.
Size Maximum of 2048 bytes
Registers at Entry
Register 1 Address of the parameter list
Register 13 Address of an 18-fullword save area
Register 14 Return address in the calling module
Register 15 Entry address of UUSEX1
Registers at Return All registers must be unchanged.
Parameters
Word 1 Address of a halfword return code
Word 2 Address of the eight-byte file name
Word 3 Address of the two-byte TID for the file; a TID value of 0 indicates that the file has SHR status
Word 4 Address of the one-byte subfunction code:
S Show records of the SD file
Z Zap a record of the SD file
D Delete the SD file
Return Codes
0 Allow the request.
4 Security violation.
Considerations
a Is loaded once per call of USDLIB.
b Is loaded before invoking the display request.