TSS Installation Exit, Miscellaneous Questions About The $TXARAUD Flag.

Document ID : KB000033640
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

 

Q1°) Is the RESPOST exit point in the CA Top Secret Installation Exit called for all resource access events (other than DATASET and VOLUME, and subject to the EXIT attribute in the RDT), or only for successful resource access events?

Q2°) If the RACROUTE macro specifies LOG=NONE, will setting flag TXARIND.$TXARAUD cause the event to be logged, or will the LOG=NONE setting suppress the logging of the event? 

Q3°) Pointer TXA#DRC points to the DRC associated with the current event. If the user is in WARN mode and does NOT have access to a particular resource, a violation will be logged, but the access is still allowed (i.e., the return code is set to zero (0)). In the exit point RESPOST, for such an event as previously described, will TXA#DRC point to the appropriate non-zero DRC (Detailed Reason Code)?

 

Answer: 

 

 

A1°) The RESPOST exit point is only called for successful resource access events. This is done because if a violation occurs, a record in the ATF (Audit Tracking File will be cut anyway. When access is successful, the RESOURCE exit point is called first, then the RESPOST exit point is called. 
 
A2°) With LOG=NONE, the event won't be logged in any case, so setting the flag $TXARAUD won't cause the event to be logged.
 
A3°) Yes, That's correct. The DRC is always set appropriately regardless of what MODE the user is in. 
 

Additional Information:

 

The name of the Site Security Exit is TSSINSTX. This is the name you have to use when you link-edit it.    

 

Refer to the CA Top Secret for z/OS User Guide: Chapter 18: Extending Security With Site Security Exits for additional information regarding the TSSINSTX.