The software products SYS1.UADS and RACF (or compatible products like TOP-SECRET and ACF-2) installed in the z/OS system are used to check the transfer and access admissions of the FT user. Therefore, the same conditions to read and write file access apply to openFT and TSO or JES2-/JES3 users.

For send files and existing receive files, openFT uses the products named above to check the FT user's access rights (read/write) against the user ID and password specified in the TRANSFER-ADMISSION and, if necessary, against the file password. If this check is negative, the file transfer is not executed and the user obtains a appropriate message.

For data protection reasons, this message gives no indication which of the parameters USER-IDENTIFICATION, ACCOUNT or PASSWORD or the file password has been violated.

If a receive file does not yet exist, it is created by openFT. Here, too, openFT uses the products named above to check the access rights (write) against the user ID and password. If this check is negative, the file transfer is not executed, and the same message as above is output.

openFT does not assign access protection attributes to new files. In particular, no file password is given to the system and the "RACF bit" is not set in the DSCB of openFT. If you want to give immediate protection against unauthorized access to a new file under z/OS, you are recommended to use the RACF function "generic profile", which is described below.

This RACF function can be used to assign common protection to a group of files with a similar name structure. For example, all the files of a specific user ID with a name which contains the string TRANS can be protected against access by other user IDs. This also applies to files created by openFT.

The file protection attributes of the send file are not transferred to the receive system and therefore cannot be adopted for a new receive file.

openFT does not set a modification time limit for the file.