Customizing the File Manager security environment

File Manager provides security for system-oriented functions through RACF® (or an equivalent security product).

If RACF® or an equivalent security product is active, the System Authorization Facility (SAF) with the File Manager enhanced security facility is used for access control and authorization verification. Authorization is controlled by File Manager-specific profiles in the FACILITY class. See Setting up the security environment by using RACF or an equivalent security product for information on defining profiles. If you use another security product than RACF®, consult the documentation for your product to determine how to define the FILEM facility to your product.

As a minimum, you should define the following individual group profiles:
RDEFINE FACILITY FILEM.DISK.*         UACC(READ)   or NONE
RDEFINE FACILITY FILEM.DISK.FULLPACK  UACC(NONE)
RDEFINE FACILITY FILEM.LOADMOD.UPDATE UACC(READ)   or NONE
RDEFINE FACILITY FILEM.TAPE.*         UACC(READ)   or NONE
RDEFINE FACILITY FILEM.TAPE.BLP       UACC(NONE)
RDEFINE FACILITY FILEM.VSAM.*         UACC(READ)   or NONE
RDEFINE FACILITY FILEM.OAM.*          UACC(READ)   or NONE
RDEFINE FACILITY FILEM.OTHER.ALL      UACC(READ)   or NONE