This parameter sets the return code for security rules that fail because of coding errors or because they exceed rule execution limits.
NOACTION
This value causes CA OPS/MVS to ignore the failed security rule, allowing the OPUSEX security routine to control access to CA OPS/MVS.
Note: As distributed, the OPUSEX routine requires the issuer to have TSO OPER authority. Therefore, if you modify OPUSEX or all your TSO users have OPER authority, a security rule failure can allow a user improper access to a resource.
REJECT
This value causes the secured function to fail, so it provides maximum security. However, if you use this option and a security rule controlling the ADDRESS AOF DISABLE command contains an error, you may not be able to disable any rules. You can recover from this situation using a command rule that allows secured MCS consoles to issue AOF commands. The OPSAOF rule in the OPS.SAMPLE.RULES library is an example of this type of rule.
Anytime
Example: SECRULEFAILURE
This function causes the secured function to fail.
OPSPRM('SET','SECRULEFAILURE','REJECT')
|
Copyright © 2014 CA.
All rights reserved.
|
|