These classes can have different meanings depending on the user’s class.
Examples: SET, QUERY
Some CP commands have different meanings for different privilege classes. For instance, the class B user who types in “QUERY DASD” receives information about the real DASD associated with the real CPU. On the other hand, the class G users who type in “QUERY DASD” get information about the virtual DASD associated with their virtual machines. As you recall, CA Top Secret (in FAIL mode, and when permitted in WARN mode) supersedes VM’s privilege classes. What happens when a user needs to query the DASD?
Suppose that the DCA for the Financial Department called FINDEPT gives USER01 the authority to issue the CP QUERY command:
TSS PERMIT(USER01) CPCMD(QUERY.DASD)
With this permit, USER01 may now issue a
QUERY DASD
For mixed CP commands, such as QUERY, that are either unprotected or executed in DORMANT mode, or protected but not permitted in WARN mode, the syntactical variations accepted by CP and the format or degree of their responses are determined by the privilege classes defined for the user in the CP directory.
In FAIL and IMPLEMENT modes, when permitted in WARN mode, or with ACTION(FAIL) in DORMANT mode, CA Top Secret determines the user’s privilege in executing a command like QUERY.
In order to grant users privileged access to protected CP commands, you must use ACTION(VMPRIV). VMPRIV means VMPRIVilege in a PERMIT for the basic CP command or for a specific variant.
You can use a TSS command like this one:
TSS PERMIT(USER01) CPCMD(QUERY.DASD) ACTION(VMPRIV)
where:
With this last TSS command function, USER01 is permitted to use QUERY DASD as a privileged user. In turn, USER01’s “QUERY DASD” returns a list of the real DASD, instead of listing USER01’s virtual DASD. Therefore, ACTION(VMPRIV) is CA Top Secret’s way of controlling how ambiguous resource commands are used. The commands are ambiguous because they have one meaning for class G users and another meaning for privileged users. To reiterate, certain CP commands, including QUERY, can be ambiguous.
CA Top Secret also gives you the ability to limit the use of CP commands through the VMUSER keyword. The VMUSER keyword denotes who may be the target of the CP command. For example, consider the CP command FORCE.
TSS PER(USER01) CPCMD(FORCE)
Gives USER01 the ability to FORCE any virtual machine off the system.
TSS PER(USER01) CPCMD(FORCE) VMUSER(USER02,USER03)
Gives USER01 the ability to FORCE the USER02 and USER03 machines off the system, but prevents USER01 from forcing any other machine off the system.
TSS PER(USER01) CPCMD(FORCE) VMUSER(USER(G))
Gives USER01 the ability to FORCE only those machines whose name begins with USER.
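The following Python sketch is an added example, not CA Top Secret code or output. It parses PERMIT lines in the forms shown above, models the VMUSER target rules (no VMUSER, a list of names, a generic NAME(G) prefix), and lists the grants a reviewer would want justified. The ACIDs OPERA, OPERB and OPERC are constructed, and the model assumes FAIL mode and treats multiple permits as additive.

```python
import re

# Constructed sample input: the permit forms from the text, with hypothetical ACIDs.
SAMPLE = """\
TSS PER(OPERA) CPCMD(FORCE)
TSS PER(OPERB) CPCMD(FORCE) VMUSER(USER02,USER03)
TSS PER(OPERC) CPCMD(FORCE) VMUSER(USER(G))
TSS PERMIT(USER01) CPCMD(QUERY.DASD) ACTION(VMPRIV)
"""

# One keyword and its operand; allows one nested level, e.g. VMUSER(USER(G)).
KEYWORD = re.compile(r"(\w+)\(((?:[^()]|\([^()]*\))*)\)")
# Commands that act on another virtual machine; the text names only FORCE.
TARGETED = {"FORCE"}

def parse_permit(line):
    """Parse a 'TSS PERMIT(...)' or 'TSS PER(...)' line into a dict."""
    kw = {k.upper(): v for k, v in KEYWORD.findall(line)}
    acid = kw.get("PERMIT") or kw.get("PER")
    if not line.strip().upper().startswith("TSS ") or not acid or "CPCMD" not in kw:
        raise ValueError(f"not a CPCMD permit: {line!r}")
    targets = [t.strip().upper() for t in kw.get("VMUSER", "").split(",") if t.strip()]
    return {"acid": acid.upper(), "cpcmd": kw["CPCMD"].upper(),
            "vmuser": targets, "vmpriv": kw.get("ACTION", "").upper() == "VMPRIV"}

def target_matches(pattern, target):
    """NAME(G) is a generic prefix; anything else is an exact machine name."""
    if pattern.endswith("(G)"):
        return target.startswith(pattern[:-3])
    return pattern == target

def may_target(permits, acid, cpcmd, target):
    """True if some permit lets `acid` aim `cpcmd` at virtual machine `target`."""
    for p in permits:
        if p["acid"] == acid and p["cpcmd"] == cpcmd:
            if not p["vmuser"] or any(target_matches(v, target) for v in p["vmuser"]):
                return True
    return False

def review(permits):
    """Flag grants to justify: no target limit, or privileged form of a command."""
    findings = []
    for p in permits:
        if p["cpcmd"] in TARGETED and not p["vmuser"]:
            findings.append((p["acid"], p["cpcmd"], "no VMUSER: any machine may be targeted"))
        if p["vmpriv"]:
            findings.append((p["acid"], p["cpcmd"], "ACTION(VMPRIV): privileged response"))
    return findings
```

Running review() over parsed permits gives a short list for the security administrator to check against least privilege: FORCE grants with no VMUSER limit and every ACTION(VMPRIV) grant.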
There are also CP commands that support the VMUSER keyword.
Copyright © 2014 CA Technologies.
All rights reserved.