Basic Definition Mode

A security check verifies if the user is authorized to use the user ID (owner) in the rule definition.

RACF Security

For this verification:

Entity Checked: owner.SUBMIT

Class: SURROGAT

where owner is the user ID specified as the owner of the Control‑O rule.

A user who is authorized to submit a job on behalf of another user is also authorized to order Control‑O rules owned by that user.

TopSecret Security

The TopSecret Application Interface module (TSSAI) is called with the following parameters:

Resource Class: ACIDCHK

Resource Name: owner

where owner is the user ID specified as the owner of the Control‑O rule.

A user who is authorized to submit a job on behalf of another user is also authorized to order Control‑O rules owned by that user.

The following TopSecret command permits USERA to order a rule with ownerid set to USERB:

TSS PERMIT(USERA) ACID(USERB)

ACF2/SAF Security

For this verification:

Entity Checked: $SUBMIT.owner

Class: FACILITY

where owner is the user ID specified as the owner of the Control‑O rule.