Issue:
User is able to access confidential reports running a batch job but is not defined to the CA View database. User run SARBCH pgm to load reports to a dataset. The SARINIT setting for SECURITY=LOGON. User is not defined with any Dist id. How can we stop user from seeing the reports?
SARATHUX - Database Utility Exit
External Security CLASS (CHA1VIEW)
Standard resource name (DBAS.db high level qualifier)
Access Level (Read, Update, Control, Alter)
Return Codes:
0 Exit has granted access - Do not call External Security
4 Exit has denied access - Do not call External Security
8 CA-View should determine access based on the SECURITY parameter
Since you are using Security=Logon, only rules pertaining to who can logon to CA View are checked. No rules are checked about authority to run batch jobs.
To protect against unauthorized running of SARBCH or SARINIT :
Additional Information:
As always, please contact CA Technologies support for CA View if you have further questions.