Top Secret DB2SYS Checks Show x'4000' In WARN Mode And x'0000' In FAIL Mode In IDCAMS PRINT File
search cancel

Top Secret DB2SYS Checks Show x'4000' In WARN Mode And x'0000' In FAIL Mode In IDCAMS PRINT File

book

Article ID: 186530

calendar_today

Updated On:

Products

Top Secret Top Secret - LDAP WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

In reviewing events for DB2SYS checks in WARN mode, when running TSSUTIL against extracted files to further extract the files with a list option and then IDCAMS dump the extracted file, the IDCAMS dump output ontains x'4000' even though the RDT entry for the DB2SYS resource class does not have access levels. Current records under fail mode have x'0000'. Is this of any significance?

From the WARN Records IDCAMS dump output (offset x'5F' in red):

RECORD SEQUENCE NUMBER - 5

000000  1E50002F 03930120 022FF4F1 F0F08000   0200F1F8 F4F7F2F0 40400000 00CA7BD4   
000020  C9C4004F 00010000 00000000 00000000   0000C3C9 D7D6C8C1 C2400019 D1740120   
000040  022FF1F8 F4F7F2F0 4040C76D AF000000   00000000 02088020 022F6308 33439140   
000060 00000008 88672CB0 40D1361B 0002957C   015128F1 F8F4F7F2 F04040C3 C9D7D6C8   
000080  C1C24000 00000000 00000000 00000000   00C4C6C8 D2C5E3C3 C2000000 00000000   
0000A0  00000000 100019D1 7420022F 05E2E8E2   C1C4D400 00000000 00000000 00000000   
0000C0  00000000 00000000 00000000 00000000   00000000 00000000 00000000 00000000   

 

Further down for a DB2PLAN here is the correct EXEC access request (offset x'5F' in red):

RECORD SEQUENCE NUMBER - 8

000000  1E50002F 03930120 022FF4F1 F0F08000   0200F1F8 F4F7F2F0 40400000 00CA7BD4   
000020  C9C4004F 00010000 00000000 00000000   0000C3C9 D7D6C8C1 C2400019 D1740120  
000040  022FF1F8 F4F7F2F0 4040C76D AF000000   00000000 02128020 022F6308 33439100   
000060 40000008 886700B6 40D1361B 0002957C   015128F1 F8F4F7F2 F04040C3 C9D7D6C8   
000080  C1C24000 00000000 00000000 00000000   00404040 40404040 40000000 00000000   
0000A0  00000000 100019D1 7420022F 06C1D6F0   F0C3F0F2 00000000 00000000 00000000   
0000C0  00000000 00000000 00000000 00000000   00000000 00000000 00000000 00000000  
0000E0  00000000 00000000 00000000 00000000   00000000 00000000 00000000        

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

The calls are coming from a CICS address space and will result in a default access of execute unless the rdt class has it's own access levels then they will be used.   This would be the case in warn or fail mode but the access of execute for DB2SYS(SYSADM)  will not have any bearing on how the security call is processed.  For DB2SYS(SYSADM) the acid is either has access or it does not.