OMVS uses program control to prevent unauthorized programs from using
security services which allow a process to change its uid.
The "Dirty" Bit
Although ACF2 provides a mechanism to restrict access to data based
on the program(s) being executed, it does not support the RACF concept of
controlled libraries or Program Access to Data Support (PADS). RACF turns
on the so-called "dirty" bit in the TCB (TCBNCTL) when a program is
loaded which comes from outside of the controlled environment.
ACF2 does not turn on this bit unless you override the PROGMCHK SAFDEF.
Refer to the ACF2 Cookbook for more information.
The dirty bit may also be turned on:
Some OpenEdition services will not operate in a "dirty" environment.
These are security-related services usually invoked by OMVS daemons,
such as "setuid" which allows a process to change identity.
The errno returned is 157(X'9D') - EMVSERR - and the reason code (errno2)
returned is JRENVDIRTY (X'xxxx02AF').
- by TSO/E if the REXX stack instructions are in use (PULL, PUSH, QUEUE,
MAKEBUF) and the TCBNCTL bit is on in the jobstep TCB.
- if program files which do not have the program-controlled extended
attribute are loaded from an HFS. Note that program files with the
"sticky" bit on are loaded from MVS libraries which should not result
in the "dirty" bit being turned on.
- if program files are loaded from an HFS which has been mounted
with the NOSETUID option.
The extattr command can be used to turn on the program-controlled extended attribute.
The BPX.FILEATTR.PROGCTL resource is used to control who can set this attribute.