Valid on z/OS.
Use the MLMODE control option to select the security mode in which Multilevel Security checking is performed.
The MLS mode operates independently of the CA Top Secret DAC security mode that is set with the MODE control option.
All entry methods are accepted.
This control option has the following format:
MLMODE(DORMANT|WARN|FAIL)
(Default) CA Top Secret performs security label validation at signon for all users that have a seclabel in their security record. Security labels are validated at system entry only. Violations are logged. No messages are returned to the console or the user.
CA Top Secret performs security label validation for all access attempts for resources that have a security label assigned to them.
Users guilty of security label violations receive a message indicating that they have violated security, but are not denied access to the resource unless DAC validation fails the request.
Permits MLS accesses to classified data sets and resources that normally would violate MLS validation rules and sends a warning message to the user (or system log). Violations are logged.
CA Top Secret denies all unauthorized access attempts due to security label validation violations. It prevents MLS accesses to classified data sets and resources based on MLS validation rules and sends an error message to the user (or system log). Violations are logged.
|
Copyright © 2013 CA.
All rights reserved.
|
|