ES_JES_HIGHER_SECURITY_LEVEL

Determines which programs are loaded based on checks made against the list of SYS1.LNKLIB entries.
Syntax
ES_JES_HIGHER_SECURITY_LEVEL={0|[1|NONE][2|BASIC][3|WARN][4|ENHANCED]}
Parameters
0
The behavior is unchanged with regard to JES enhanced security.
1|NONE
A value of 1 or NONE is the equivalent of not setting the value and maintains the behaviour of earlier versions of Enterprise Server. With a setting of 1 or no setting at all, warning messages about the number of SYS1.LNKLIB entries might be issued if none have been defined (JES000067W) and messages about programs not being loaded from certain locations (JES000069W) are also given. In addition, messages JCLCM0260W and JCLCM0308W might also be issued.
2|BASIC
A level of BASIC or 2 causes programs to be loaded from the list of SYS1.LNKLIB entries, STEPLIB, and JOBLIB locations. Programs in other locations are not loaded. The loading of programs from dynamic PDSs is also entirely disabled.
3|WARN
A level of WARN or 3 causes checks to be made against the PROGRAM and the PHYSFILE security classes. The PHYSFILE check is to make sure the PHYSFILE resource class is implemented. If these checks fail, a warning message (JCLCM0262W, JCLCM0263W or JCLCM0266W) is issued.
4|ENHANCED
A level of ENHANCED or 4 will cause the same PROGRAM and PHYSFILE checks to be made but if they fail then the job will abend with an S913 security error and a suitable message will be issued to indicate the failure.
Default
ES_JES_HIGHER_SECURITY_LEVEL=1