Why does CSM need access to the facilities BPX.SERVER and BPX.DAEMON?
search cancel

Why does CSM need access to the facilities BPX.SERVER and BPX.DAEMON?

book

Article ID: 48707

calendar_today

Updated On:

Products

Compress Data Compression for MVS Compress Data Compression for Fujitsu Datacom DATACOM - AD Mainframe Software Manager (Chorus Software Manager) MICS Resource Management CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services CA ECOMETER SERVER COMPONENT FOC Easytrieve Report Generator for Common Services INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware

Issue/Introduction

BPX.SERVER is necessary when you want to use the BPX callable service pthread_security_np(). A server that uses the pthread_security_np() service can customize the RACF identity of a thread. Such server initiates a thread that processes the client's request. If the server customizes the thread initiated for the client with the clients' RACF identity,any resource access decisions to RACF-protected resources are made using the client's RACF identity and authorizations

CSM uses this function when it instantiates a new thread under logged user credentials. Actual CSM tomcat runs under different ACID than logged user has hence when CSM is supposed to allocate DATASET or does an SMP/E operation in context of logged user it must create a new thread within the server address space. CSM has to call pthread_security_np() to instantiate new thread with different (user's) security context.

Access to the facility BPX.DAEMON is not required by CSM. It is required only for the ID installing CSM and can be revoked once the installation is complete.

For additional information on access requirements, for the CSM Tomcat Server and access requirements for the installer of CSM, please see the CSM Install Guide.

Environment

Release: MSMNGR00200-5.1-Chorus Software Manager
Component:
Powered by Wolken Software