The Inter-User Communications Vehicle (IUCV) is a VM Control Program (CP) facility that permits a program running in a virtual machine to communicate with other virtual machines, with a CP system service, and with itself.
Note: The product is shipped with IUCV security calls disabled. To enable the security, add an OPTIONS ({4}) entry in the parameter file.
The IUCV communication occurs between a source communicator and a target communicator and is used to:
CA Top Secret protects IUCV access to virtual machines during IUCV path creation through the IUCV keyword. For example, the following allows USER02 to establish an IUCV path with DVM01:
TSS PERMIT(USER02) IUCV(DVM01)
The Virtual Machine Communication Facility (VMCF) is another communications method provided by the CP component of VM. VMCF provides virtual machines with the ability to send data to and receive data from any other virtual machine.
CA Top Secret protects VMCF access to virtual machines during each VMCF SEND or SENDX operation through the VMCF keyword. For example, the following allows USER02 to initiate a VMCF SEND or SENDX operation to DVM01:
TSS PERMIT(USER02) VMCF(DVM01)
With Genlevel 9505, the following APARs make security checking for IUCV CONNECT optional (GO50617, GO50618, GO50619, GO50620, GO50616, and GO50621).
If you want to enable IUCV CONNECT security, you should apply one of the following special PTFs. You should also ensure that their secondary user is not connected to *MSG, or connected to any user connected to *MSG.
Making IUCV CONNECT optional was done to avoid possible system hangs if the server is processing any IUCV CONNECT requests for its secondary user, or for any ACID connected to the secondary user through *MSG.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|