Rule Writing Guidelines › What Is Command Limiting?

What Is Command Limiting?

In a VM environment, the Control Program (CP) component of the operating system controls the operation of the CPU. Privileged VM users can control, modify, and display sensitive portions of the CP through a set of powerful commands, called CP commands. CA ACF2 for z/ VM command limiting is a way to control who can execute specific operands of CP commands.

The CP command classification scheme is a standard security facility of VM. It lets you classify a user to CP. By default, CP classifies users through seven nonhierarchical privilege classes, ranging from the highest level of A (defining a system operator) to G (general user). CA ACF2 for z/ VM does not interfere with the normal CP privilege class security. Normal privilege class validation is done even with command limiting active. CA ACF2 for z/ VM command limiting provides a finer degree of control over the execution of CP commands. Some of the benefits you receive from command limiting include:

• Controlling the use of individual command operands. For example, the CHANGE and TRANSFER commands let users manipulate reader, punch, and printer files. You control user access to files on the VM spooling system.
• Preventing users from executing a particular CP command without having to modify CP. For example, all class G users can normally issue the TRACE command. Command limiting can prevent users from executing TRACE and other powerful CP commands.
• Command limiting controls are very flexible. For example, you can:
  • Log the execution of powerful commands and operands to maintain a complete audit trail of their use
  • Select the particular CP commands that you want to control.