

Securing Data Spaces

The DSPACE resource class is used to prevent a service machine (or any other machine) from giving access to its data spaces to an unauthorized machine. Consider the following command:

TSS PERMIT(USER01) DSPACE(SFSSERVR) ACCESS(READ)

In this example, any virtual machine running with the USER01 ACID can be given READ ONLY access to a data space created by virtual machine SFSSERVR. Note that SFSSERVR here is a virtual machine, not an ACID.

The actual DSPACE resource check takes place when SFSSERVR internally issues the ADRSPACE PERMIT macro to give access to a data space that it created. Because this action is driven by USER01's request to SFSSERVR, any violation messages are issued to the machine requesting the action (in this case, USER01) and not to the machine actually driving the security check (SFSSERVR).

For further details on using the DSPACE resource class, including information on access levels, refer to the Command Functions Guide.