CFALIAS

With the platform server CFALIAS (File Alias Control) function, the administrator can provide an alias for a file based on the information about the initiator.

When transmitting a file through the platform server, a user must know the file name on both the local system and the destination systems. Giving an outside user the permission to know and specify file names on your mainframe opens up a small security hole. If they can specify a file name, then they can change the file name. If RACF gives them authorization, then they can update the file.

With the platform server CFALIAS, you can limit the ability of a user to know and define a file that exists on the mainframe. For example, you can tell the user to define the file name as DOG, and platform server CFALIAS can change that file name to an actual file name.

Using File Alias Control, you can define the following criteria to permit a user to supply aliases on a file:
  • A user
  • A node or IP address
  • A combination of user and node/IP address
You can also use the following additional criteria:
  • Send or receive
  • File name as it exists on the mainframe
  • Alias file name as entered by the user
Note: CFALIAS checking is only performed for responder transfers. A responder transfer is a transaction that is started by a different platform server.

The file transfer type is dependent on the platform server for z/OS that processes the request. For example, a send request on the platform server for Windows is processed as a receive request on the platform server for z/OS and the receive parameters are validated against the platform server CFALIAS configuration.

You can activate the CFALIAS configuration parameters through one of the following two ways:
  • At the platform server startup.
  • When the platform server CFALIASREFRESH operator command is entered.