I am getting a FACILITY resource violation for RFAC-BPX.POE. What is this resource and what rule needs to be coded to allow access?

Document ID : KB000026655
Last Modified Date : 14/02/2018
 Show Technical Document Details

Question:

I am getting a FACILITY resource violation for RFAC-BPX.POE. What is this resource and what rule needs to be coded to allow access?

Answer:

The FACILITY class resource RFAC-BPX.POE is an IBM resource.

The FACILITY class resource BPX.POE is a security call introduced with z/OS 1.5:

BPX1POE (__poe) - Port of Entry Information

Function:

The __poe() callable service specifies the port of entry information the system is to use in determining various levels of permission checking in a multilevel-secure system. The authorization that is required to invoke this service is the following:

  • Read access to the BPX.POE FACILITY resource.

Sample rule:

    $KEY(BPX) TYPE(FAC)
    POE UID(user's_ uid) SERVICE(READ) ALLOW

Additional Information: 

For further information on the BPX.POE resource review the appropriate IBM z/OS Planning for Multilevel Security documentation.