A security check verifies if the user is authorized to use the user ID (owner) in the rule definition.
RACF Security
For this verification:
Entity Checked: owner.SUBMIT
Class: SURROGAT
where owner is the user ID specified as the owner of the Control‑O rule.
A user who is authorized to submit a job on behalf of another user is also authorized to order Control‑O rules owned by that user.
TopSecret Security
The TopSecret Application Interface module (TSSAI) is called with the following parameters:
Resource Class: ACIDCHK
Resource Name: owner
where owner is the user ID specified as the owner of the Control‑O rule.
A user who is authorized to submit a job on behalf of another user is also authorized to order Control‑O rules owned by that user.
The following TopSecret command permits USERA to order a rule with ownerid set to USERB:
TSS PERMIT(USERA) ACID(USERB)
ACF2/SAF Security
For this verification:
Entity Checked: $SUBMIT.owner
Class: FACILITY
where owner is the user ID specified as the owner of the Control‑O rule.
Parent Topic |