JES2 files defined in a processor step are opened under the User ID. Since these files are also created with the User ID as the high level qualifier, there are generally no security issues.
However, if a JES2 file is dynamically allocated by a program that is being executed in a processor it is created with the Alternate ID as the high level qualifier and, since it is still opened by the User ID, this can lead to security violations if the user is not authorized to update files with that high level qualifier.
Generally, the violation messages will include an IEC150I 913-74 message pointing to the file (DD name) in question.
This problem is most commonly seen with Compuware's XPEDITER program, which dynamically allocates its CWPERRM and CWPCPIN files, but there have been other instances as well.
All versions of Endevor
There are 2 possible solutions for this problem: