If the installed security software is set up to do volume-level checking, the IBM IEC.TAPERING facility profile may need to be coded to allow those individuals with read-only access to certain data sets to read those data sets after they are written to Virtual Volumes. The facility may be needed because the operating system automatically prevents an individual with read-only access to a 3480 or 3490 tape data set from mounting the tape when that data set was created by someone with alter access and the write ring is installed. The write ring is always considered installed for Virtual Volumes.
Allowing people read access to the IEC.TAPERING facility will not override the existing data set level security. Any attempt by someone with read-only access to open the data set for output processing will be stopped by the security software.
Note: For information about the IEC.TAPERING facility, see the IBM SecureWay Security Server RACF Security Administrator's Guide.
|
Copyright © 2013 CA.
All rights reserved.
|
|