RACF Module IRRENV00 Being Called On A CA Top Secret System

Document ID : KB000048180
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

Using a Software inventory product, it was found that a RACF module is being called periodically even though the system is running CA Top Secret. The module is IRRENV00. Is this something to be concerned about? Why would this module be called?

Solution:

CA Top Secret does not call module IRRENV00 and it is not anywhere in our code.

IRRENV00 is the RACF front end command processor module. It has aliases for all of the RACF commands. Some of them are similar to TSS commands, such as PERMIT and REMOVE. If a user was going to issue a TSS PERMIT command and mistakenly forgot the TSS prefix, the result would be:


PERMIT(USERA) DSN(A.B.C)       
IKJ56621I INVALID COMMAND NAME SYNTAX 
READY

The error message looks like a normal TSO error message.

However, if a user entered it with correct RACF syntax they would get a different error:


PERMIT USERA DSN(A.B.C)       
IRR418I RACF PRODUCT DISABLED: COMMAND ENDED. 
READY

Most likely someone is entering the above and doesn't realize they are entering RACF commands.