USS file access with Top Secret in WARN MODE

book

Article ID: 185921

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP CA Web Administrator for Top Secret

Issue/Introduction

What happens when Top Secret is in Warn Mode and a user with only READ access tries to UPDATE a USS file?
Since the USS native file permissions are contained within the HFS file objects themselves does TSS WARN mode disregard enforcement of these permissions by the kernel?  

Environment

Release : 16.0

Component : CA Top Secret for z/OS

Resolution

There is always a check for UNIXPRIV(SUPERUSER) to see if a user is a superuser. This check takes place regardless of the Mode; but, when in WARN mode the user is allowed access and given UNIXPRIV(SUPERUSER). MODE does not effect the UNIX bits because this is a Top Secret resource access call. In Warn mode the call is successful and the user is a Superuser so there will be no checks for the bit settings.