Add one or more bypass attributes to the ACID to extend the bypassing privilege so that any time a particular ACID makes a certain type of access request the request bypasses security checks.
Important! This is for disaster recovery procedures only.
The bypass options are:
Allows an ACID to bypass all resource checking except for data sets and volumes.
Allows an ACID to bypass all volume checking.
Note: If data set access is being requested, CA Top Secret responds according to the data set authorizations. To allow an ACID unrestricted access to an entire volume, you must also add the NODSNCHK attribute.
Allows an ACID to bypass data set checking. Do not confuse this attribute with ACTION(NODSN), which only affects access requests for a particular volume.
Allows an ACID to bypass LCF (Limited Command Facility) checking. For more details about LCF security, see Implementing LCF Security later in this chapter.
Allows an ACID to bypass job submission security checking. With this attribute, an associated ACID can submit all jobs regardless of the derived ACID on the job card being submitted.
Allows an ACID to bypass VM minidisk link checking.
These attributes are added to an ACID through the TSS ADDTO command function, and revoked through the TSS REMOVE command function.
Examples: bypass resource checking
This example allows the SUPRACID to bypass all resource checking:
TSS ADDTO(SUPRACID) NORESCHK
NOVOLCHK
NODSNCHK
NOVMDCHK
This example removes the privileges:
TSS REMOVE(SUPRACID) NORESCHK
NOVOLCHK
NODSNCHK
NOVMDCHK
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|