TDUMP recovery fault recording data sets

This section describes the required authorization to create, read, and delete exception condition RFR TDUMPs. Because a TDUMP requester can nominate the TDUMP data set name, this section also describes the naming convention process.

Note: The older RFR TDUMP naming convention of user ID high-level qualifier is no longer used because of the security and data set deletion problems that were frequently encountered with user ID TDUMP high-level qualifiers.

To overcome the security concerns of normal data set profiles with respect to TDUMP recovery fault recording data sets, Z Abend Investigator supports the use of the XFACILIT resource class as described in the following. Together with the use of the XFACILIT resource class, it is recommended that UACC(NONE) is used as the general data set profile access level for TDUMP recovery fault recording data sets, to prevent the possibility of security exposures. The exposure would exist if ALTER access was granted to all users on the RFR TDUMP data set profile to permit creation, instead of UACC(NONE) and the XFACILIT set up.

If a system has a situation where all end users have similar access privileges, then the RFR TDUMPs are still taken if you choose to not set up the XFACILIT HFZRFR_TDUMP_HLQ, and instead give all users ALTER access to the TDUMP data set profile. This environment would probably have all users with equal access to the history files on that system. However, if some users do not have read access to all history files, then HFZRFR_TDUMP_HLQ and UACC(NONE) on the data set profile should be considered to extend the protection to any linked RFR TDUMPS.