Requiring users to supply their own logon passwords frees you from establishing minidisk passwords and from making sure the appropriate people know your current minidisk password. However, the user requesting the link to your 191 minidisk must still supply a password—their own logon password.
In the following example, the LOGPASS option is added to REBECCAH’s rule. This specifies that REBECCAH is allowed to link to your 191 minidisk in read mode if REBECCAH supplies her own logon password. REBECCAH is no longer prompted to enter your minidisk password. All other users are still restricted from linking in read‑only mode to your 191 minidisk:
ACCEPT REBECCAH LINK 191 RR (LOGPASS REJECT * LINK 191 RR
The LOGPASS option on the rule ensures that it is actually REBECCAH accessing your data. By requiring REBECCAH’s logon password to complete the link, this option protects against passersby accessing your data from REBECCAH’s unattended terminal. The passerby can operate as user ID REBECCAH, but because the passerby does not know REBECCAH’s logon password, the passerby cannot link to your minidisk.
|
Copyright © 2014 CA.
All rights reserved.
|
|